1ldns(3)                    Library Functions Manual                    ldns(3)
2
3
4

NAME

6       ldns_dnssec_data_chain, ldns_dnssec_data_chain_struct,
7       ldns_dnssec_trust_tree - data structures for validation chains
8
9

SYNOPSIS

11       #include <stdint.h>
12       #include <stdbool.h>
13
14       #include <ldns/ldns.h>
15
16        ldns_dnssec_data_chain_struct();
17

DESCRIPTION

19       ldns_dnssec_data_chain
20              Chain structure that contains all DNSSEC data needed to
21              verify an rrset
22              struct ldns_dnssec_data_chain_struct
23              {
24                   ldns_rr_list *rrset;
25                   ldns_rr_list *signatures;
26                   ldns_rr_type parent_type;
27                   ldns_dnssec_data_chain *parent;
28                   ldns_pkt_rcode packet_rcode;
29                   ldns_rr_type packet_qtype;
30                   bool packet_nodata;
31              };
32
33              typedef struct ldns_dnssec_data_chain_struct
34              ldns_dnssec_data_chain;
35
36       ldns_dnssec_data_chain_struct()
37
38       ldns_dnssec_trust_tree
39              Tree structure that contains the relation of DNSSEC data,
40              and their cryptographic status.
41
42              This tree is derived from a data_chain, and can be used
43              to look whether there is a connection between an RRSET
44              and a trusted key. The tree only contains pointers to the
45              data_chain, and therefore one should *never* free() the
46              data_chain when there is still a trust tree derived from
47              that chain.
48
49              Example tree:
50                  key   key    key
51                    \    |    /
52                     \   |   /
53                      \  |  /
54                         ds
55                         |
56                        key
57                         |
58                        key
59                         |
60                         rr
61
62              For each signature there is a parent; if the parent
63              pointer is null, it couldn't be found and there was no
64              denial; otherwise is a tree which contains either a
65              DNSKEY, a DS, or a NSEC rr
66              struct ldns_dnssec_trust_tree_struct
67              {
68                   ldns_rr *rr;
69                   /* the complete rrset this rr was in */
70                   ldns_rr_list *rrset;
71                   ldns_dnssec_trust_tree *par‐
72              ents[LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS];
73                   ldns_status parent_status[LDNS_DNSSEC_TRUST_TREE_MAX_PAR‐
74              ENTS];
75                   /** for debugging, add signatures too (you might want
76                       those if they contain errors) */
77                   ldns_rr *parent_signature[LDNS_DNSSEC_TRUST_TREE_MAX_PAR‐
78              ENTS];
79                   size_t parent_count;
80              };
81
82              typedef struct ldns_dnssec_trust_tree_struct
83              ldns_dnssec_trust_tree;
84

AUTHOR

86       The ldns team at NLnet Labs. Which consists out of Jelte Jansen and
87       Miek Gieben.
88
89

REPORTING BUGS

91       Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
92       http://www.nlnetlabs.nl/bugs/index.html
93
94
96       Copyright (c) 2004 - 2006 NLnet Labs.
97
98       Licensed under the BSD License. There is NO warranty; not even for MER‐
99       CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
100
101

SEE ALSO

103       ldns_dnssec_data_chain_new, ldns_dnssec_trust_tree_new,
104       ldns_dnssec_verify_denial.  And perldoc Net::DNS, RFC1034, RFC1035,
105       RFC4033, RFC4034  and RFC4035.
106

REMARKS

108       This manpage was automatically generated from the ldns source code by
109       use of Doxygen and some perl.
110
111
112
113                                  30 May 2006                          ldns(3)
Impressum