autotrust.h File Reference

Contains autotrust definitions. More...

#include "util/rbtree.h"
#include "util/data/packed_rrset.h"

Data Structures
struct	autr_ta
	Autotrust metadata for one trust anchor key. More...
struct	autr_point_data
	Autotrust metadata for a trust point. More...
struct	autr_global_data
	Autotrust global metadata. More...
Enumerations
enum	autr_state_t {   AUTR_STATE_START = 0, AUTR_STATE_ADDPEND = 1, AUTR_STATE_VALID = 2, AUTR_STATE_MISSING = 3,   AUTR_STATE_REVOKED = 4, AUTR_STATE_REMOVED = 5 }
	Autotrust anchor states.
Functions
struct autr_global_data *	autr_global_create (void)
	Create new global 5011 data structure.
void	autr_global_delete (struct autr_global_data *global)
	Delete global 5011 data structure.
size_t	autr_get_num_anchors (struct val_anchors *anchors)
	See if autotrust anchors are configured and how many.
uint32_t	autr_probe_timer (struct module_env *env)
	Process probe timer.
int	probetree_cmp (const void *x, const void *y)
	probe tree compare function
int	autr_read_file (struct val_anchors *anchors, const char *nm)
	Read autotrust file.
void	autr_write_file (struct module_env *env, struct trust_anchor *tp)
	Write autotrust file.
void	autr_point_delete (struct trust_anchor *tp)
	Delete autr anchor, deletes the autr data but does not do unlinking from trees, caller does that.
int	autr_process_prime (struct module_env *env, struct val_env *ve, struct trust_anchor *tp, struct ub_packed_rrset_key *dnskey_rrset)
	Perform autotrust processing.
void	autr_debug_print (struct val_anchors *anchors)
	Debug printout of rfc5011 tracked anchors.
void	probe_answer_cb (void *arg, int rcode, ldns_buffer *buf, enum sec_status sec, char *errinf)
	callback for query answer to 5011 probe

---

Detailed Description

Contains autotrust definitions.

---

Function Documentation

struct autr_global_data* autr_global_create

(

void

)

[read]

Create new global 5011 data structure.

Returns:

new structure or NULL on malloc failure.

References rbtree_init(), autr_global_data::probe, and probetree_cmp().

Referenced by anchors_create().

void autr_global_delete

(

struct autr_global_data *

global

)

Delete global 5011 data structure.

Parameters:

global,:

global autotrust state to delete.

Referenced by anchors_delete().

size_t autr_get_num_anchors

(

struct val_anchors *

anchors

)

See if autotrust anchors are configured and how many.

Parameters:

anchors,:

the trust anchors structure.

Returns:

number of autotrust trust anchors

References val_anchors::lock, val_anchors::autr, autr_global_data::probe, and rbtree_t::count.

Referenced by worker_init().

uint32_t autr_probe_timer

(

struct module_env *

env

)

Process probe timer.

Add new probes if needed.

Parameters:

env,:

module environment with time, with anchors and with the mesh.

Returns:

time of next probe (in seconds from now). If 0, then there is no next probe anymore (trust points deleted).

References verbose(), VERB_ALGO, todo_probe(), probe_anchor(), regional_free_all(), and module_env::scratch.

Referenced by worker_probe_timer_cb().

int autr_read_file	(	struct val_anchors *	anchors,
		const char *	nm
	)

Read autotrust file.

Parameters:

anchors,:	the anchors structure.
nm,:	name of the file (copied).

Returns:

false on failure.

References log_err(), verbose(), VERB_ALGO, read_multiline(), parse_var_line(), log_warn(), str_contains_data(), handle_origin(), load_trustanchor(), trust_anchor::lock, and autr_assemble().

Referenced by anchors_apply_cfg().

void autr_write_file	(	struct module_env *	env,
		struct trust_anchor *	tp
	)

Write autotrust file.

Parameters:

env,:	environment with scratch space.
tp,:	trust point to write.

References trust_anchor::autr, autr_point_data::file, log_assert, module_env::worker, verbose(), VERB_ALGO, and log_err().

Referenced by autr_tp_remove(), and autr_process_prime().

void autr_point_delete

(

struct trust_anchor *

tp

)

Delete autr anchor, deletes the autr data but does not do unlinking from trees, caller does that.

Parameters:

tp,:	trust point to delete.

References trust_anchor::lock, trust_anchor::autr, autr_rrset_delete(), trust_anchor::ds_rrset, trust_anchor::dnskey_rrset, autr_point_data::keys, autr_ta::next, autr_ta::rr, autr_point_data::file, and trust_anchor::name.

Referenced by autr_tp_remove(), and anchors_delfunc().

int autr_process_prime	(	struct module_env *	env,
		struct val_env *	ve,
		struct trust_anchor *	tp,
		struct ub_packed_rrset_key *	dnskey_rrset
	)

Perform autotrust processing.

Parameters:

env,:	qstate environment with the anchors structure.
ve,:	validator environment for verification of rrsigs.
tp,:	trust anchor to process.
dnskey_rrset,:	DNSKEY rrset probed (can be NULL if bad prime result). allocated in a region. Has not been validated yet.

Returns:

false if trust anchor was revoked completely. Otherwise logs errors to log, does not change return value. On errors, likely the trust point has been unchanged.

References log_assert, trust_anchor::autr, autr_point_data::revoked, log_nametypeclass(), VERB_ALGO, trust_anchor::name, trust_anchor::dclass, trust_anchor::lock, autr_point_data::last_queried, module_env::now, autr_holddown_exceed(), verbose(), autr_assemble(), log_err(), check_contains_revoked(), trust_anchor::ds_rrset, trust_anchor::dnskey_rrset, autr_point_data::last_success, autr_tp_remove(), verify_dnskey(), autr_point_data::query_failed, autr_write_file(), update_events(), do_statetable(), autr_cleanup_keys(), and set_next_probe().

Referenced by process_prime_response().

void autr_debug_print

(

struct val_anchors *

anchors

)

Debug printout of rfc5011 tracked anchors.

Parameters:

anchors,:

all the anchors.

References val_anchors::lock, RBTREE_FOR, val_anchors::tree, trust_anchor::lock, and autr_debug_print_tp().

Referenced by anchors_apply_cfg().