diff options
Diffstat (limited to 'usr.sbin/nsd/nsec3.h')
| -rw-r--r-- | usr.sbin/nsd/nsec3.h | 86 |
1 files changed, 55 insertions, 31 deletions
diff --git a/usr.sbin/nsd/nsec3.h b/usr.sbin/nsd/nsec3.h index d55b4825394..96c4367ff33 100644 --- a/usr.sbin/nsd/nsec3.h +++ b/usr.sbin/nsd/nsec3.h @@ -1,7 +1,7 @@ /* * nsec3.h -- nsec3 handling. * - * Copyright (c) 2001-2011, NLnet Labs. All rights reserved. + * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. * * See LICENSE for the license. * @@ -9,9 +9,8 @@ #ifndef NSEC3_H #define NSEC3_H -#include "config.h" #ifdef NSEC3 - +struct udb_ptr; struct domain; struct dname; struct region; @@ -19,40 +18,23 @@ struct zone; struct namedb; struct query; struct answer; -#ifndef FULL_PREHASH struct rr; -struct nsec3_domain; -#endif /* - * Create the hashed name of the nsec3 record - * for the given dname. + * calculate prehash information for zone. */ -const struct dname *nsec3_hash_dname(struct region *region, - struct zone *zone, const struct dname *dname); - +void prehash_zone(struct namedb* db, struct zone* zone); /* - * calculate prehash information for all zones, - * selects only updated=1 zones if bool set. + * calculate prehash for zone, assumes no partial precompile or prehashlist */ -void prehash(struct namedb* db, int updated_only); -#ifndef FULL_PREHASH -void prehash_zone(struct namedb *db, struct zone *zone); -void prehash_zone_incremental(struct namedb *db, struct zone *zone); -#endif +void prehash_zone_complete(struct namedb* db, struct zone* zone); /* - * finds nsec3 that covers the given domain dname. + * finds nsec3 that covers the given domain hash. * returns true if the find is exact. - * hashname is the already hashed dname for the NSEC3. */ -#ifdef FULL_PREHASH -int nsec3_find_cover(struct namedb* db, struct zone* zone, - const struct dname* hashname, struct domain** result); -#else -int nsec3_find_cover(struct namedb* ATTR_UNUSED(db), struct zone* zone, - const struct dname* hashname, struct nsec3_domain** result); -#endif +int nsec3_find_cover(struct zone* zone, uint8_t* hash, size_t hashlen, + struct domain** result); /* * _answer_ Routines used to add the correct nsec3 record to a query answer. @@ -62,9 +44,8 @@ int nsec3_find_cover(struct namedb* ATTR_UNUSED(db), struct zone* zone, * add proof for wildcards that the name below the wildcard.parent * does not exist */ -void nsec3_answer_wildcard(struct query *query, struct answer *answer, - struct domain *wildcard, struct namedb* db, - const struct dname *qname); +void nsec3_answer_wildcard(struct query* query, struct answer* answer, + struct domain* wildcard, const struct dname* qname); /* * add NSEC3 to provide domain name but not rrset exists, @@ -84,7 +65,7 @@ void nsec3_answer_delegation(struct query *query, struct answer *answer); */ void nsec3_answer_authoritative(struct domain** match, struct query *query, struct answer *answer, struct domain* closest_encloser, - struct namedb* db, const struct dname* qname); + const struct dname* qname); /* * True if domain is a NSEC3 (+RRSIG) data only variety. @@ -92,5 +73,48 @@ void nsec3_answer_authoritative(struct domain** match, struct query *query, */ int domain_has_only_NSEC3(struct domain* domain, struct zone* zone); +/* get hashed bytes */ +void nsec3_hash_and_store(struct zone* zone, const struct dname* dname, + uint8_t* store); +/* see if NSEC3 record uses the params in use for the zone */ +int nsec3_rr_uses_params(struct rr* rr, struct zone* zone); +/* number of NSEC3s that are in the zone chain */ +int nsec3_in_chain_count(struct domain* domain, struct zone* zone); +/* find previous NSEC3, or, lastinzone, or, NULL */ +struct domain* nsec3_chain_find_prev(struct zone* zone, struct domain* domain); +/* clear nsec3 precompile for the zone */ +void nsec3_clear_precompile(struct namedb* db, struct zone* zone); +/* if domain is part of nsec3hashed domains of a zone */ +int nsec3_domain_part_of_zone(struct domain* d, struct zone* z); +/* condition when a domain is precompiled */ +int nsec3_condition_hash(struct domain* d, struct zone* z); +/* condition when a domain is ds precompiled */ +int nsec3_condition_dshash(struct domain* d, struct zone* z); +/* set nsec3param for this zone or NULL if no NSEC3 available */ +void nsec3_find_zone_param(struct namedb* db, struct zone* zone, + struct udb_ptr* z); +/* hash domain and wcchild, and lookup nsec3 in tree, and precompile */ +void nsec3_precompile_domain(struct namedb* db, struct domain* domain, + struct zone* zone, struct region* tmpregion); +/* hash ds_parent_cover, and lookup nsec3 and precompile */ +void nsec3_precompile_domain_ds(struct namedb* db, struct domain* domain, + struct zone* zone); +/* put nsec3 into nsec3tree and adjust zonelast */ +void nsec3_precompile_nsec3rr(struct namedb* db, struct domain* domain, + struct zone* zone); +/* precompile entire zone, assumes all is null at start */ +void nsec3_precompile_newparam(struct namedb* db, struct zone* zone); +/* create b32.zone for a hash, allocated in the region */ +const struct dname* nsec3_b32_create(struct region* region, struct zone* zone, + unsigned char* hash); +/* create trees for nsec3 updates and lookups in zone */ +void nsec3_zone_trees_create(struct region* region, struct zone* zone); +/* clear trees for nsec3 in zone */ +void nsec3_hash_tree_clear(struct zone* zone); +/* lookup zone that contains domain's nsec3 trees */ +struct zone* nsec3_tree_zone(struct namedb* db, struct domain* domain); +/* lookup zone that contains domain's ds tree */ +struct zone* nsec3_tree_dszone(struct namedb* db, struct domain* domain); + #endif /* NSEC3 */ #endif /* NSEC3_H*/ |