1ldns(3) Library Functions Manual ldns(3)
2
6 ldns_dnssec_zone_sign, ldns_dnssec_zone_sign_nsec3,
7 ldns_dnssec_zone_mark_glue, ldns_dnssec_name_node_next_nonglue,
8 ldns_dnssec_zone_create_nsecs, ldns_dnssec_remove_signatures,
9 ldns_dnssec_zone_create_rrsigs
10
13 #include <stdint.h>
14 #include <stdbool.h>
15 #include <ldns/ldns.h>
17 ldns_status ldns_dnssec_zone_sign(ldns_dnssec_zone *zone, ldns_rr_list
19 *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void
20 *arg);
21 ldns_status ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone *zone,
23 ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *,
24 void *), void *arg, uint8_t algorithm, uint8_t flags, uint16_t itera‐
25 tions, uint8_t salt_length, uint8_t *salt);
26 ldns_dnssec_zone_mark_glue();
28 ldns_rbnode_t* ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node);
30 ldns_status ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone,
32 ldns_rr_list *new_rrs);
33 ldns_dnssec_rrs* ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signa‐
35 tures, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void
36 *arg);
37 ldns_status ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone *zone,
39 ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *,
40 void*), void *arg);
41
43 ldns_dnssec_zone_sign() signs the given zone with the given keys
44 zone: the zone to sign
46 key_list: the list of keys to sign the zone with
47 new_rrs: newly created resource records are added to this list,
48 to free them later
49 func: callback function that decides what to do with old signa‐
50 tures
51 This function takes an ldns_rr* and an optional void
52 *arg argument, and returns one of four values: LDNS_SIGNA‐
53 TURE_LEAVE_ADD_NEW: leave the signature and add a new one for
54 the corresponding key LDNS_SIGNATURE_REMOVE_ADD_NEW: remove the
55 signature and replace is with a new one from the same key
56 LDNS_SIGNATURE_LEAVE_NO_ADD: leave the signature and do not add
57 a new one with the corresponding key LDNS_SIGNA‐
58 TURE_REMOVE_NO_ADD: remove the signature and do not replace
59 arg: optional argument for the callback function
61 Returns LDNS_STATUS_OK on success, an error code otherwise
62 ldns_dnssec_zone_sign_nsec3() signs the given zone with the given new
64 zone, with NSEC3
65 zone: the zone to sign
67 key_list: the list of keys to sign the zone with
68 new_rrs: newly created resource records are added to this list,
69 to free them later
70 func: callback function that decides what to do with old signa‐
71 tures
72 arg: optional argument for the callback function
73 algorithm: the NSEC3 hashing algorithm to use
74 flags: NSEC3 flags
75 iterations: the number of NSEC3 hash iterations to use
76 salt_length: the length (in octets) of the NSEC3 salt
77 salt: the NSEC3 salt data
78 Returns LDNS_STATUS_OK on success, an error code otherwise
79 ldns_dnssec_zone_mark_glue()
81 ldns_dnssec_name_node_next_nonglue() Finds the first dnssec_name node
83 in the rbtree that is not occluded. It *does* return names that
84 are partially occluded.
85 node: the first node to check
87 Returns the first node that has not been marked as glue, or NULL
88 if not found (TODO: make that LDNS_RBTREE_NULL?)
89 ldns_dnssec_zone_create_nsecs() Adds NSEC records to the given
91 dnssec_zone
92 zone: the zone to add the records to
94 new_rrs: ldns_rr's created by this function are
95 added to this rr list, so the caller can free them
96 later
97 Returns LDNS_STATUS_OK on success, an error code otherwise
98 ldns_dnssec_remove_signatures() remove signatures if callback function
100 tells to
101 signatures: list of signatures to check, and
103 possibly remove, depending on the value of the
104 callback
105 key_list: these are marked to be used or not,
106 on the return value of the callback
107 func: this function is called to specify what to
108 do with each signature (and corresponding key)
109 arg: Optional argument for the callback function
110 Returns s pointer to the new signatures rrs (the original
111 passed to this function may have been removed)
112 ldns_dnssec_zone_create_rrsigs() Adds signatures to the zone
114 zone: the zone to add RRSIG Resource Records to
116 new_rrs: the RRSIG RRs that are created are also
117 added to this list, so the caller can free them
118 later
119 key_list: list of keys to sign with.
120 func: Callback function to decide what keys to
121 use and what to do with old signatures
122 arg: Optional argument for the callback function
123 Returns LDNS_STATUS_OK on success, error otherwise
124
126 The ldns team at NLnet Labs. Which consists out of Jelte Jansen and
127 Miek Gieben.
128
131 Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
132 http://www.nlnetlabs.nl/bugs/index.html
133
136 Copyright (c) 2004 - 2006 NLnet Labs.
137 Licensed under the BSD License. There is NO warranty; not even for MER‐
139 CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
140
143 ldns_dnssec_zone. And perldoc Net::DNS, RFC1034, RFC1035, RFC4033,
144 RFC4034 and RFC4035.
145
147 This manpage was automaticly generated from the ldns source code by use
148 of Doxygen and some perl.
149 30 May 2006 ldns(3)