1/* 2 * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 1999-2003 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18/* $Id: rdataset.h,v 1.72 2011/06/08 22:13:51 each Exp $ */ 19 20#ifndef DNS_RDATASET_H 21#define DNS_RDATASET_H 1 22 23/***** 24 ***** Module Info 25 *****/ 26 27/*! \file dns/rdataset.h 28 * \brief 29 * A DNS rdataset is a handle that can be associated with a collection of 30 * rdata all having a common owner name, class, and type. 31 * 32 * The dns_rdataset_t type is like a "virtual class". To actually use 33 * rdatasets, an implementation of the method suite (e.g. "slabbed rdata") is 34 * required. 35 * 36 * XXX <more> XXX 37 * 38 * MP: 39 *\li Clients of this module must impose any required synchronization. 40 * 41 * Reliability: 42 *\li No anticipated impact. 43 * 44 * Resources: 45 *\li TBS 46 * 47 * Security: 48 *\li No anticipated impact. 49 * 50 * Standards: 51 *\li None. 52 */ 53 54#include <isc/lang.h> 55#include <isc/magic.h> 56#include <isc/stdtime.h> 57 58#include <dns/types.h> 59#include <dns/rdatastruct.h> 60 61ISC_LANG_BEGINDECLS 62 63typedef enum { 64 dns_rdatasetadditional_fromauth, 65 dns_rdatasetadditional_fromcache, 66 dns_rdatasetadditional_fromglue 67} dns_rdatasetadditional_t; 68 69typedef struct dns_rdatasetmethods { 70 void (*disassociate)(dns_rdataset_t *rdataset); 71 isc_result_t (*first)(dns_rdataset_t *rdataset); 72 isc_result_t (*next)(dns_rdataset_t *rdataset); 73 void (*current)(dns_rdataset_t *rdataset, 74 dns_rdata_t *rdata); 75 void (*clone)(dns_rdataset_t *source, 76 dns_rdataset_t *target); 77 unsigned int (*count)(dns_rdataset_t *rdataset); 78 isc_result_t (*addnoqname)(dns_rdataset_t *rdataset, 79 dns_name_t *name); 80 isc_result_t (*getnoqname)(dns_rdataset_t *rdataset, 81 dns_name_t *name, 82 dns_rdataset_t *neg, 83 dns_rdataset_t *negsig); 84 isc_result_t (*addclosest)(dns_rdataset_t *rdataset, 85 dns_name_t *name); 86 isc_result_t (*getclosest)(dns_rdataset_t *rdataset, 87 dns_name_t *name, 88 dns_rdataset_t *neg, 89 dns_rdataset_t *negsig); 90 isc_result_t (*getadditional)(dns_rdataset_t *rdataset, 91 dns_rdatasetadditional_t type, 92 dns_rdatatype_t qtype, 93 dns_acache_t *acache, 94 dns_zone_t **zonep, 95 dns_db_t **dbp, 96 dns_dbversion_t **versionp, 97 dns_dbnode_t **nodep, 98 dns_name_t *fname, 99 dns_message_t *msg, 100 isc_stdtime_t now); 101 isc_result_t (*setadditional)(dns_rdataset_t *rdataset, 102 dns_rdatasetadditional_t type, 103 dns_rdatatype_t qtype, 104 dns_acache_t *acache, 105 dns_zone_t *zone, 106 dns_db_t *db, 107 dns_dbversion_t *version, 108 dns_dbnode_t *node, 109 dns_name_t *fname); 110 isc_result_t (*putadditional)(dns_acache_t *acache, 111 dns_rdataset_t *rdataset, 112 dns_rdatasetadditional_t type, 113 dns_rdatatype_t qtype); 114 void (*settrust)(dns_rdataset_t *rdataset, 115 dns_trust_t trust); 116 void (*expire)(dns_rdataset_t *rdataset); 117} dns_rdatasetmethods_t; 118 119#define DNS_RDATASET_MAGIC ISC_MAGIC('D','N','S','R') 120#define DNS_RDATASET_VALID(set) ISC_MAGIC_VALID(set, DNS_RDATASET_MAGIC) 121 122/*% 123 * Direct use of this structure by clients is strongly discouraged, except 124 * for the 'link' field which may be used however the client wishes. The 125 * 'private', 'current', and 'index' fields MUST NOT be changed by clients. 126 * rdataset implementations may change any of the fields. 127 */ 128struct dns_rdataset { 129 unsigned int magic; /* XXX ? */ 130 dns_rdatasetmethods_t * methods; 131 ISC_LINK(dns_rdataset_t) link; 132 /* 133 * XXX do we need these, or should they be retrieved by methods? 134 * Leaning towards the latter, since they are not frequently required 135 * once you have the rdataset. 136 */ 137 dns_rdataclass_t rdclass; 138 dns_rdatatype_t type; 139 dns_ttl_t ttl; 140 dns_trust_t trust; 141 dns_rdatatype_t covers; 142 /* 143 * attributes 144 */ 145 unsigned int attributes; 146 /*% 147 * the counter provides the starting point in the "cyclic" order. 148 * The value ISC_UINT32_MAX has a special meaning of "picking up a 149 * random value." in order to take care of databases that do not 150 * increment the counter. 151 */ 152 isc_uint32_t count; 153 /* 154 * This RRSIG RRset should be re-generated around this time. 155 * Only valid if DNS_RDATASETATTR_RESIGN is set in attributes. 156 */ 157 isc_stdtime_t resign; 158 /*@{*/ 159 /*% 160 * These are for use by the rdataset implementation, and MUST NOT 161 * be changed by clients. 162 */ 163 void * private1; 164 void * private2; 165 void * private3; 166 unsigned int privateuint4; 167 void * private5; 168 void * private6; 169 void * private7; 170 /*@}*/ 171 172}; 173 174/*! 175 * \def DNS_RDATASETATTR_RENDERED 176 * Used by message.c to indicate that the rdataset was rendered. 177 * 178 * \def DNS_RDATASETATTR_TTLADJUSTED 179 * Used by message.c to indicate that the rdataset's rdata had differing 180 * TTL values, and the rdataset->ttl holds the smallest. 181 * 182 * \def DNS_RDATASETATTR_LOADORDER 183 * Output the RRset in load order. 184 */ 185 186#define DNS_RDATASETATTR_QUESTION 0x00000001 187#define DNS_RDATASETATTR_RENDERED 0x00000002 /*%< Used by message.c */ 188#define DNS_RDATASETATTR_ANSWERED 0x00000004 /*%< Used by server. */ 189#define DNS_RDATASETATTR_CACHE 0x00000008 /*%< Used by resolver. */ 190#define DNS_RDATASETATTR_ANSWER 0x00000010 /*%< Used by resolver. */ 191#define DNS_RDATASETATTR_ANSWERSIG 0x00000020 /*%< Used by resolver. */ 192#define DNS_RDATASETATTR_EXTERNAL 0x00000040 /*%< Used by resolver. */ 193#define DNS_RDATASETATTR_NCACHE 0x00000080 /*%< Used by resolver. */ 194#define DNS_RDATASETATTR_CHAINING 0x00000100 /*%< Used by resolver. */ 195#define DNS_RDATASETATTR_TTLADJUSTED 0x00000200 /*%< Used by message.c */ 196#define DNS_RDATASETATTR_FIXEDORDER 0x00000400 197#define DNS_RDATASETATTR_RANDOMIZE 0x00000800 198#define DNS_RDATASETATTR_CHASE 0x00001000 /*%< Used by resolver. */ 199#define DNS_RDATASETATTR_NXDOMAIN 0x00002000 200#define DNS_RDATASETATTR_NOQNAME 0x00004000 201#define DNS_RDATASETATTR_CHECKNAMES 0x00008000 /*%< Used by resolver. */ 202#define DNS_RDATASETATTR_REQUIREDGLUE 0x00010000 203#define DNS_RDATASETATTR_LOADORDER 0x00020000 204#define DNS_RDATASETATTR_RESIGN 0x00040000 205#define DNS_RDATASETATTR_CLOSEST 0x00080000 206#define DNS_RDATASETATTR_OPTOUT 0x00100000 /*%< OPTOUT proof */ 207#define DNS_RDATASETATTR_NEGATIVE 0x00200000 208 209/*% 210 * _OMITDNSSEC: 211 * Omit DNSSEC records when rendering ncache records. 212 */ 213#define DNS_RDATASETTOWIRE_OMITDNSSEC 0x0001 214 215void 216dns_rdataset_init(dns_rdataset_t *rdataset); 217/*%< 218 * Make 'rdataset' a valid, disassociated rdataset. 219 * 220 * Requires: 221 *\li 'rdataset' is not NULL. 222 * 223 * Ensures: 224 *\li 'rdataset' is a valid, disassociated rdataset. 225 */ 226 227void 228dns_rdataset_invalidate(dns_rdataset_t *rdataset); 229/*%< 230 * Invalidate 'rdataset'. 231 * 232 * Requires: 233 *\li 'rdataset' is a valid, disassociated rdataset. 234 * 235 * Ensures: 236 *\li If assertion checking is enabled, future attempts to use 'rdataset' 237 * without initializing it will cause an assertion failure. 238 */ 239 240void 241dns_rdataset_disassociate(dns_rdataset_t *rdataset); 242/*%< 243 * Disassociate 'rdataset' from its rdata, allowing it to be reused. 244 * 245 * Notes: 246 *\li The client must ensure it has no references to rdata in the rdataset 247 * before disassociating. 248 * 249 * Requires: 250 *\li 'rdataset' is a valid, associated rdataset. 251 * 252 * Ensures: 253 *\li 'rdataset' is a valid, disassociated rdataset. 254 */ 255 256isc_boolean_t 257dns_rdataset_isassociated(dns_rdataset_t *rdataset); 258/*%< 259 * Is 'rdataset' associated? 260 * 261 * Requires: 262 *\li 'rdataset' is a valid rdataset. 263 * 264 * Returns: 265 *\li #ISC_TRUE 'rdataset' is associated. 266 *\li #ISC_FALSE 'rdataset' is not associated. 267 */ 268 269void 270dns_rdataset_makequestion(dns_rdataset_t *rdataset, dns_rdataclass_t rdclass, 271 dns_rdatatype_t type); 272/*%< 273 * Make 'rdataset' a valid, associated, question rdataset, with a 274 * question class of 'rdclass' and type 'type'. 275 * 276 * Notes: 277 *\li Question rdatasets have a class and type, but no rdata. 278 * 279 * Requires: 280 *\li 'rdataset' is a valid, disassociated rdataset. 281 * 282 * Ensures: 283 *\li 'rdataset' is a valid, associated, question rdataset. 284 */ 285 286void 287dns_rdataset_clone(dns_rdataset_t *source, dns_rdataset_t *target); 288/*%< 289 * Make 'target' refer to the same rdataset as 'source'. 290 * 291 * Requires: 292 *\li 'source' is a valid, associated rdataset. 293 * 294 *\li 'target' is a valid, dissociated rdataset. 295 * 296 * Ensures: 297 *\li 'target' references the same rdataset as 'source'. 298 */ 299 300unsigned int 301dns_rdataset_count(dns_rdataset_t *rdataset); 302/*%< 303 * Return the number of records in 'rdataset'. 304 * 305 * Requires: 306 *\li 'rdataset' is a valid, associated rdataset. 307 * 308 * Returns: 309 *\li The number of records in 'rdataset'. 310 */ 311 312isc_result_t 313dns_rdataset_first(dns_rdataset_t *rdataset); 314/*%< 315 * Move the rdata cursor to the first rdata in the rdataset (if any). 316 * 317 * Requires: 318 *\li 'rdataset' is a valid, associated rdataset. 319 * 320 * Returns: 321 *\li #ISC_R_SUCCESS 322 *\li #ISC_R_NOMORE There are no rdata in the set. 323 */ 324 325isc_result_t 326dns_rdataset_next(dns_rdataset_t *rdataset); 327/*%< 328 * Move the rdata cursor to the next rdata in the rdataset (if any). 329 * 330 * Requires: 331 *\li 'rdataset' is a valid, associated rdataset. 332 * 333 * Returns: 334 *\li #ISC_R_SUCCESS 335 *\li #ISC_R_NOMORE There are no more rdata in the set. 336 */ 337 338void 339dns_rdataset_current(dns_rdataset_t *rdataset, dns_rdata_t *rdata); 340/*%< 341 * Make 'rdata' refer to the current rdata. 342 * 343 * Notes: 344 * 345 *\li The data returned in 'rdata' is valid for the life of the 346 * rdataset; in particular, subsequent changes in the cursor position 347 * do not invalidate 'rdata'. 348 * 349 * Requires: 350 *\li 'rdataset' is a valid, associated rdataset. 351 * 352 *\li The rdata cursor of 'rdataset' is at a valid location (i.e. the 353 * result of last call to a cursor movement command was ISC_R_SUCCESS). 354 * 355 * Ensures: 356 *\li 'rdata' refers to the rdata at the rdata cursor location of 357 *\li 'rdataset'. 358 */ 359 360isc_result_t 361dns_rdataset_totext(dns_rdataset_t *rdataset, 362 dns_name_t *owner_name, 363 isc_boolean_t omit_final_dot, 364 isc_boolean_t question, 365 isc_buffer_t *target); 366/*%< 367 * Convert 'rdataset' to text format, storing the result in 'target'. 368 * 369 * Notes: 370 *\li The rdata cursor position will be changed. 371 * 372 *\li The 'question' flag should normally be #ISC_FALSE. If it is 373 * #ISC_TRUE, the TTL and rdata fields are not printed. This is 374 * for use when printing an rdata representing a question section. 375 * 376 *\li This interface is deprecated; use dns_master_rdatasettottext() 377 * and/or dns_master_questiontotext() instead. 378 * 379 * Requires: 380 *\li 'rdataset' is a valid rdataset. 381 * 382 *\li 'rdataset' is not empty. 383 */ 384 385isc_result_t 386dns_rdataset_towire(dns_rdataset_t *rdataset, 387 dns_name_t *owner_name, 388 dns_compress_t *cctx, 389 isc_buffer_t *target, 390 unsigned int options, 391 unsigned int *countp); 392/*%< 393 * Convert 'rdataset' to wire format, compressing names as specified 394 * in 'cctx', and storing the result in 'target'. 395 * 396 * Notes: 397 *\li The rdata cursor position will be changed. 398 * 399 *\li The number of RRs added to target will be added to *countp. 400 * 401 * Requires: 402 *\li 'rdataset' is a valid rdataset. 403 * 404 *\li 'rdataset' is not empty. 405 * 406 *\li 'countp' is a valid pointer. 407 * 408 * Ensures: 409 *\li On a return of ISC_R_SUCCESS, 'target' contains a wire format 410 * for the data contained in 'rdataset'. Any error return leaves 411 * the buffer unchanged. 412 * 413 *\li *countp has been incremented by the number of RRs added to 414 * target. 415 * 416 * Returns: 417 *\li #ISC_R_SUCCESS - all ok 418 *\li #ISC_R_NOSPACE - 'target' doesn't have enough room 419 * 420 *\li Any error returned by dns_rdata_towire(), dns_rdataset_next(), 421 * dns_name_towire(). 422 */ 423 424isc_result_t 425dns_rdataset_towiresorted(dns_rdataset_t *rdataset, 426 const dns_name_t *owner_name, 427 dns_compress_t *cctx, 428 isc_buffer_t *target, 429 dns_rdatasetorderfunc_t order, 430 const void *order_arg, 431 unsigned int options, 432 unsigned int *countp); 433/*%< 434 * Like dns_rdataset_towire(), but sorting the rdatasets according to 435 * the integer value returned by 'order' when called with the rdataset 436 * and 'order_arg' as arguments. 437 * 438 * Requires: 439 *\li All the requirements of dns_rdataset_towire(), and 440 * that order_arg is NULL if and only if order is NULL. 441 */ 442 443isc_result_t 444dns_rdataset_towirepartial(dns_rdataset_t *rdataset, 445 const dns_name_t *owner_name, 446 dns_compress_t *cctx, 447 isc_buffer_t *target, 448 dns_rdatasetorderfunc_t order, 449 const void *order_arg, 450 unsigned int options, 451 unsigned int *countp, 452 void **state); 453/*%< 454 * Like dns_rdataset_towiresorted() except that a partial rdataset 455 * may be written. 456 * 457 * Requires: 458 *\li All the requirements of dns_rdataset_towiresorted(). 459 * If 'state' is non NULL then the current position in the 460 * rdataset will be remembered if the rdataset in not 461 * completely written and should be passed on on subsequent 462 * calls (NOT CURRENTLY IMPLEMENTED). 463 * 464 * Returns: 465 *\li #ISC_R_SUCCESS if all of the records were written. 466 *\li #ISC_R_NOSPACE if unable to fit in all of the records. *countp 467 * will be updated to reflect the number of records 468 * written. 469 */ 470 471isc_result_t 472dns_rdataset_additionaldata(dns_rdataset_t *rdataset, 473 dns_additionaldatafunc_t add, void *arg); 474/*%< 475 * For each rdata in rdataset, call 'add' for each name and type in the 476 * rdata which is subject to additional section processing. 477 * 478 * Requires: 479 * 480 *\li 'rdataset' is a valid, non-question rdataset. 481 * 482 *\li 'add' is a valid dns_additionaldatafunc_t 483 * 484 * Ensures: 485 * 486 *\li If successful, dns_rdata_additionaldata() will have been called for 487 * each rdata in 'rdataset'. 488 * 489 *\li If a call to dns_rdata_additionaldata() is not successful, the 490 * result returned will be the result of dns_rdataset_additionaldata(). 491 * 492 * Returns: 493 * 494 *\li #ISC_R_SUCCESS 495 * 496 *\li Any error that dns_rdata_additionaldata() can return. 497 */ 498 499isc_result_t 500dns_rdataset_getnoqname(dns_rdataset_t *rdataset, dns_name_t *name, 501 dns_rdataset_t *neg, dns_rdataset_t *negsig); 502/*%< 503 * Return the noqname proof for this record. 504 * 505 * Requires: 506 *\li 'rdataset' to be valid and #DNS_RDATASETATTR_NOQNAME to be set. 507 *\li 'name' to be valid. 508 *\li 'neg' and 'negsig' to be valid and not associated. 509 */ 510 511isc_result_t 512dns_rdataset_addnoqname(dns_rdataset_t *rdataset, dns_name_t *name); 513/*%< 514 * Associate a noqname proof with this record. 515 * Sets #DNS_RDATASETATTR_NOQNAME if successful. 516 * Adjusts the 'rdataset->ttl' to minimum of the 'rdataset->ttl' and 517 * the 'nsec'/'nsec3' and 'rrsig(nsec)'/'rrsig(nsec3)' ttl. 518 * 519 * Requires: 520 *\li 'rdataset' to be valid and #DNS_RDATASETATTR_NOQNAME to be set. 521 *\li 'name' to be valid and have NSEC or NSEC3 and associated RRSIG 522 * rdatasets. 523 */ 524 525isc_result_t 526dns_rdataset_getclosest(dns_rdataset_t *rdataset, dns_name_t *name, 527 dns_rdataset_t *nsec, dns_rdataset_t *nsecsig); 528/*%< 529 * Return the closest encloser for this record. 530 * 531 * Requires: 532 *\li 'rdataset' to be valid and #DNS_RDATASETATTR_CLOSEST to be set. 533 *\li 'name' to be valid. 534 *\li 'nsec' and 'nsecsig' to be valid and not associated. 535 */ 536 537isc_result_t 538dns_rdataset_addclosest(dns_rdataset_t *rdataset, dns_name_t *name); 539/*%< 540 * Associate a closest encloset proof with this record. 541 * Sets #DNS_RDATASETATTR_CLOSEST if successful. 542 * Adjusts the 'rdataset->ttl' to minimum of the 'rdataset->ttl' and 543 * the 'nsec' and 'rrsig(nsec)' ttl. 544 * 545 * Requires: 546 *\li 'rdataset' to be valid and #DNS_RDATASETATTR_CLOSEST to be set. 547 *\li 'name' to be valid and have NSEC3 and RRSIG(NSEC3) rdatasets. 548 */ 549 550isc_result_t 551dns_rdataset_getadditional(dns_rdataset_t *rdataset, 552 dns_rdatasetadditional_t type, 553 dns_rdatatype_t qtype, 554 dns_acache_t *acache, 555 dns_zone_t **zonep, 556 dns_db_t **dbp, 557 dns_dbversion_t **versionp, 558 dns_dbnode_t **nodep, 559 dns_name_t *fname, 560 dns_message_t *msg, 561 isc_stdtime_t now); 562/*%< 563 * Get cached additional information from the DB node for a particular 564 * 'rdataset.' 'type' is one of dns_rdatasetadditional_fromauth, 565 * dns_rdatasetadditional_fromcache, and dns_rdatasetadditional_fromglue, 566 * which specifies the origin of the information. 'qtype' is intended to 567 * be used for specifying a particular rdata type in the cached information. 568 * 569 * Requires: 570 * \li 'rdataset' is a valid rdataset. 571 * \li 'acache' can be NULL, in which case this function will simply return 572 * ISC_R_FAILURE. 573 * \li For the other pointers, see dns_acache_getentry(). 574 * 575 * Ensures: 576 * \li See dns_acache_getentry(). 577 * 578 * Returns: 579 * \li #ISC_R_SUCCESS 580 * \li #ISC_R_FAILURE - additional information caching is not supported. 581 * \li #ISC_R_NOTFOUND - the corresponding DB node has not cached additional 582 * information for 'rdataset.' 583 * \li Any error that dns_acache_getentry() can return. 584 */ 585 586isc_result_t 587dns_rdataset_setadditional(dns_rdataset_t *rdataset, 588 dns_rdatasetadditional_t type, 589 dns_rdatatype_t qtype, 590 dns_acache_t *acache, 591 dns_zone_t *zone, 592 dns_db_t *db, 593 dns_dbversion_t *version, 594 dns_dbnode_t *node, 595 dns_name_t *fname); 596/*%< 597 * Set cached additional information to the DB node for a particular 598 * 'rdataset.' See dns_rdataset_getadditional for the semantics of 'type' 599 * and 'qtype'. 600 * 601 * Requires: 602 * \li 'rdataset' is a valid rdataset. 603 * \li 'acache' can be NULL, in which case this function will simply return 604 * ISC_R_FAILURE. 605 * \li For the other pointers, see dns_acache_setentry(). 606 * 607 * Ensures: 608 * \li See dns_acache_setentry(). 609 * 610 * Returns: 611 * \li #ISC_R_SUCCESS 612 * \li #ISC_R_FAILURE - additional information caching is not supported. 613 * \li #ISC_R_NOMEMORY 614 * \li Any error that dns_acache_setentry() can return. 615 */ 616 617isc_result_t 618dns_rdataset_putadditional(dns_acache_t *acache, 619 dns_rdataset_t *rdataset, 620 dns_rdatasetadditional_t type, 621 dns_rdatatype_t qtype); 622/*%< 623 * Discard cached additional information stored in the DB node for a particular 624 * 'rdataset.' See dns_rdataset_getadditional for the semantics of 'type' 625 * and 'qtype'. 626 * 627 * Requires: 628 * \li 'rdataset' is a valid rdataset. 629 * \li 'acache' can be NULL, in which case this function will simply return 630 * ISC_R_FAILURE. 631 * 632 * Ensures: 633 * \li See dns_acache_cancelentry(). 634 * 635 * Returns: 636 * \li #ISC_R_SUCCESS 637 * \li #ISC_R_FAILURE - additional information caching is not supported. 638 * \li #ISC_R_NOTFOUND - the corresponding DB node has not cached additional 639 * information for 'rdataset.' 640 */ 641 642void 643dns_rdataset_settrust(dns_rdataset_t *rdataset, dns_trust_t trust); 644/*%< 645 * Set the trust of the 'rdataset' to trust in any in the backing database. 646 * The local trust level of 'rdataset' is also set. 647 */ 648 649void 650dns_rdataset_expire(dns_rdataset_t *rdataset); 651/*%< 652 * Mark the rdataset to be expired in the backing database. 653 */ 654 655void 656dns_rdataset_trimttl(dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, 657 dns_rdata_rrsig_t *rrsig, isc_stdtime_t now, 658 isc_boolean_t acceptexpired); 659/*%< 660 * Trim the ttl of 'rdataset' and 'sigrdataset' so that they will expire 661 * at or before 'rrsig->expiretime'. If 'acceptexpired' is true and the 662 * signature has expired or will expire in the next 120 seconds, limit 663 * the ttl to be no more than 120 seconds. 664 * 665 * The ttl is further limited by the original ttl as stored in 'rrsig' 666 * and the original ttl values of 'rdataset' and 'sigrdataset'. 667 * 668 * Requires: 669 * \li 'rdataset' is a valid rdataset. 670 * \li 'sigrdataset' is a valid rdataset. 671 * \li 'rrsig' is non NULL. 672 */ 673 674const char * 675dns_trust_totext(dns_trust_t trust); 676/* 677 * Display trust in textual form. 678 */ 679 680ISC_LANG_ENDDECLS 681 682#endif /* DNS_RDATASET_H */ 683