1ldns(3)                    Library Functions Manual                    ldns(3)
2
3
4

NAME

6       ldns_dnssec_data_chain, ldns_dnssec_data_chain_struct,
7       ldns_dnssec_trust_tree - data structures for validation chains
8
9

SYNOPSIS

11       #include <stdint.h>
12       #include <stdbool.h>
13
14       #include <ldns/ldns.h>
15
16        ldns_dnssec_data_chain_struct();
17

DESCRIPTION

19       ldns_dnssec_data_chain
20              Chain structure that contains all DNSSEC data needed to
21              verify an rrset
22              struct ldns_dnssec_data_chain_struct
23              {
24                   ldns_rr_list *rrset;
25                   ldns_rr_list *signatures;
26                   ldns_rr_type parent_type;
27                   ldns_dnssec_data_chain *parent;
28                   ldns_pkt_rcode packet_rcode;
29                   ldns_rr_type packet_qtype;
30                   bool packet_nodata;
31              };
32
33              typedef struct ldns_dnssec_data_chain_struct
34              ldns_dnssec_data_chain;
35
36       ldns_dnssec_data_chain_struct()
37
38       ldns_dnssec_trust_tree
39              Tree structure that contains the relation of DNSSEC data,
40              and their cryptographic status.
41
42              This tree is derived from a data_chain, and can be used
43              to look whether there is a connection between an RRSET
44              and a trusted key. The tree only contains pointers to the
45              data_chain, and therefore one should *never* free() the
46              data_chain when there is still a trust tree derived from
47              that chain.
48
49              Example tree:
50                  key   key    key
51                    \    |    /
52                     \   |   /
53                      \  |  /
54                         ds
55                         |
56                        key
57                         |
58                        key
59                         |
60                         rr
61
62              For each signature there is a parent; if the parent
63              pointer is null, it couldn't be found and there was no
64              denial; otherwise is a tree which contains either a
65              DNSKEY, a DS, or a NSEC rr
66              struct ldns_dnssec_trust_tree_struct
67              {
68                   ldns_rr *rr;
69                   /* the complete rrset this rr was in */
70                   ldns_rr_list *rrset;
71                   ldns_dnssec_trust_tree *par‐
72              ents[LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS];
73                   ldns_status parent_status[LDNS_DNSSEC_TRUST_TREE_MAX_PAR‐
74              ENTS];
75                   /** for debugging, add signatures too (you might want
76                       those if they contain errors) */
77                   ldns_rr *parent_signature[LDNS_DNSSEC_TRUST_TREE_MAX_PAR‐
78              ENTS];
79                   size_t parent_count;
80              };
81
82              typedef struct ldns_dnssec_trust_tree_struct
83              ldns_dnssec_trust_tree;
84

AUTHOR

86       The ldns team at NLnet Labs.
87
88

REPORTING BUGS

90       Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
91       http://www.nlnetlabs.nl/bugs/index.html
92
93

COPYRIGHT

95       Copyright (c) 2004 - 2006 NLnet Labs.
96
97       Licensed under the BSD License. There is NO warranty; not even for MER‐
98       CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
99
100

SEE ALSO

102       ldns_dnssec_data_chain_new, ldns_dnssec_trust_tree_new,
103       ldns_dnssec_verify_denial.  And perldoc Net::DNS, RFC1034, RFC1035,
104       RFC4033, RFC4034  and RFC4035.
105

REMARKS

107       This manpage was automatically generated from the ldns source code.
108
109
110
111                                  30 May 2006                          ldns(3)