manpagez: man pages & more
man ldns_dnssec_zone_create_rrsigs(3)
Home | html | info | man
ldns(3)                                                                ldns(3)




NAME

       ldns_dnssec_zone_sign,                     ldns_dnssec_zone_sign_nsec3,
       ldns_dnssec_zone_mark_glue,         ldns_dnssec_name_node_next_nonglue,
       ldns_dnssec_zone_create_nsecs,           ldns_dnssec_remove_signatures,
       ldns_dnssec_zone_create_rrsigs



SYNOPSIS

       #include <stdint.h>
       #include <stdbool.h>

       #include <ldns/ldns.h>

       ldns_status ldns_dnssec_zone_sign(ldns_dnssec_zone *zone,  ldns_rr_list
       *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void
       *arg);

       ldns_status     ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone     *zone,
       ldns_rr_list  *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *,
       void *), void *arg, uint8_t algorithm, uint8_t flags,  uint16_t  itera-
       tions, uint8_t salt_length, uint8_t *salt);

        ldns_dnssec_zone_mark_glue();

       ldns_rbnode_t* ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node);

       ldns_status    ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone    *zone,
       ldns_rr_list *new_rrs);

       ldns_dnssec_rrs*  ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signa-
       tures, ldns_key_list *key_list, int (*func)(ldns_rr *,  void  *),  void
       *arg);

       ldns_status    ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone   *zone,
       ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr  *,
       void*), void *arg);




DESCRIPTION

       ldns_dnssec_zone_sign() signs the given zone with the given keys

              zone: the zone to sign
              key_list: the list of keys to sign the zone with
              new_rrs:  newly created resource records are added to this list,
              to free them later
              func: callback function that decides what to do with old  signa-
              tures  This function takes an ldns_rr* and an optional void *arg
              argument,    and     returns     one     of     four     values:
              LDNS_SIGNATURE_LEAVE_ADD_NEW:  leave the signature and add a new
              one for  the  corresponding  key  LDNS_SIGNATURE_REMOVE_ADD_NEW:
              remove the signature and replace is with a new one from the same
              key LDNS_SIGNATURE_LEAVE_NO_ADD: leave the signature and do  not
              add     a     new     one    with    the    corresponding    key
              LDNS_SIGNATURE_REMOVE_NO_ADD: remove the signature  and  do  not
              replace

              arg: optional argument for the callback function
              Returns LDNS_STATUS_OK on success, an error code otherwise


       ldns_dnssec_zone_sign_nsec3()  signs  the given zone with the given new
              zone, with NSEC3

              zone: the zone to sign
              key_list: the list of keys to sign the zone with
              new_rrs: newly created resource records are added to this  list,
              to free them later
              func:  callback function that decides what to do with old signa-
              tures
              arg: optional argument for the callback function
              algorithm: the NSEC3 hashing algorithm to use
              flags: NSEC3 flags
              iterations: the number of NSEC3 hash iterations to use
              salt_length: the length (in octets) of the NSEC3 salt
              salt: the NSEC3 salt data
              Returns LDNS_STATUS_OK on success, an error code otherwise


       ldns_dnssec_zone_mark_glue()


       ldns_dnssec_name_node_next_nonglue() Finds the first  dnssec_name  node
              in the rbtree that is not occluded.  It *does* return names that
              are partially occluded.

              node: the first node to check
              Returns the first node that has not been marked as glue, or NULL
              if not found (TODO: make that LDNS_RBTREE_NULL?)


       ldns_dnssec_zone_create_nsecs()   Adds   NSEC   records  to  the  given
              dnssec_zone

              zone: the zone to add the records to
              new_rrs: ldns_rr's created by this function are added to this rr
              list, so the caller can free them later
              Returns LDNS_STATUS_OK on success, an error code otherwise


       ldns_dnssec_remove_signatures()  remove signatures if callback function
              tells to

              signatures: list of signatures to check,  and  possibly  remove,
              depending on the value of the callback
              key_list:  these  are  marked  to  be used or not, on the return
              value of the callback
              func: this function is called to specify what to  do  with  each
              signature (and corresponding key)
              arg: Optional argument for the callback function
              Returns s pointer to the new signatures rrs (the original passed
              to this function may have been removed)


       ldns_dnssec_zone_create_rrsigs() Adds signatures to the zone

              zone: the zone to add RRSIG Resource Records to
              new_rrs: the RRSIG RRs that are created are also added  to  this
              list, so the caller can free them later
              key_list: list of keys to sign with.
              func:  Callback  function to decide what keys to use and what to
              do with old signatures
              arg: Optional argument for the callback function
              Returns LDNS_STATUS_OK on success, error otherwise



AUTHOR

       The ldns team at NLnet Labs. Which consists out  of  Jelte  Jansen  and
       Miek Gieben.



REPORTING BUGS

       Please  report  bugs  to  ldns-team@nlnetlabs.nl  or in our bugzilla at
       http://www.nlnetlabs.nl/bugs/index.html



COPYRIGHT

       Copyright (c) 2004 - 2006 NLnet Labs.

       Licensed under the BSD License. There is NO warranty; not even for MER-
       CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.



SEE ALSO

       ldns_dnssec_zone(3). And perldoc Net::DNS(3), RFC1034, RFC1035,
       RFC4033, RFC4034  and RFC4035.


REMARKS

       This manpage was automaticly generated from the ldns source code by use
       of Doxygen and some perl.



                                  30 May 2006                          ldns(3)

ldns 1.6.17 - Generated Sun Feb 2 16:29:49 CST 2014
© manpagez.com 2000-2024
Individual documents may contain additional copyright information.