38 #define SE_MAX_RRTYPE_COUNT 65536 40 static const char* denial_str =
"denial";
52 if (!dname || !zoneptr) {
58 ods_log_error(
"[%s] unable to create denial: allocator_alloc() " 59 "failed", denial_str);
62 denial->
dname = dname;
63 denial->
zone = zoneptr;
78 denial_create_bitmap(
denial_type* denial, ldns_rr_type types[],
91 if (dstatus == LDNS_RR_TYPE_SOA) {
94 if (dstatus == LDNS_RR_TYPE_SOA ||
95 rrset->
rrtype == LDNS_RR_TYPE_NS ||
96 rrset->
rrtype == LDNS_RR_TYPE_DS) {
98 types[*types_count] = rrset->
rrtype;
99 *types_count = *types_count + 1;
113 denial_create_nsec3_nxt(ldns_rdf* nxt)
115 ldns_status status = LDNS_STATUS_OK;
116 ldns_rdf* next_owner_label = NULL;
117 ldns_rdf* next_owner_rdf = NULL;
118 char* next_owner_string = NULL;
121 next_owner_label = ldns_dname_label(nxt, 0);
122 if (!next_owner_label) {
124 "ldns_dname_label() failed", denial_str);
127 next_owner_string = ldns_rdf2str(next_owner_label);
128 if (!next_owner_string) {
130 "ldns_rdf2str() failed", denial_str);
131 ldns_rdf_deep_free(next_owner_label);
134 if (next_owner_string[strlen(next_owner_string)-1] ==
'.') {
135 next_owner_string[strlen(next_owner_string)-1] =
'\0';
137 status = ldns_str2rdf_b32_ext(&next_owner_rdf, next_owner_string);
138 if (status != LDNS_STATUS_OK) {
140 "ldns_str2rdf_b32_ext() failed", denial_str);
142 free((
void*)next_owner_string);
143 ldns_rdf_deep_free(next_owner_label);
144 return next_owner_rdf;
156 ldns_rr* nsec_rr = NULL;
157 ldns_rr_type rrtype = LDNS_RR_TYPE_NSEC;
158 ldns_rr_type dstatus = LDNS_RR_TYPE_FIRST;
159 ldns_rdf* rdf = NULL;
162 size_t types_count = 0;
168 nsec_rr = ldns_rr_new();
171 "ldns_rr_new() failed", denial_str);
176 rrtype = LDNS_RR_TYPE_NSEC3;
178 ldns_rr_set_type(nsec_rr, rrtype);
180 rdf = ldns_rdf_clone(denial->
dname);
183 "ldns_rdf_clone(owner) failed", denial_str);
184 ldns_rr_free(nsec_rr);
187 ldns_rr_set_owner(nsec_rr, rdf);
192 ldns_rr_push_rdf(nsec_rr, NULL);
199 rdf = denial_create_nsec3_nxt(nxt->
dname);
201 rdf = ldns_rdf_clone(nxt->
dname);
205 "create next field failed", denial_str);
206 ldns_rr_free(nsec_rr);
209 ldns_rr_push_rdf(nsec_rr, rdf);
211 denial_create_bitmap(denial, types, &types_count);
215 if (dstatus == LDNS_RR_TYPE_SOA) {
217 if (dstatus != LDNS_RR_TYPE_NS && domain->
rrsets) {
219 types[types_count] = LDNS_RR_TYPE_RRSIG;
225 types[types_count] = LDNS_RR_TYPE_RRSIG;
227 types[types_count] = LDNS_RR_TYPE_NSEC;
230 rdf = ldns_dnssec_create_nsec_bitmap(types, types_count, rrtype);
233 "ldns_dnssec_create_nsec_bitmap() failed", denial_str);
234 ldns_rr_free(nsec_rr);
237 ldns_rr_push_rdf(nsec_rr, rdf);
238 ldns_rr_set_ttl(nsec_rr, ttl);
239 ldns_rr_set_class(nsec_rr, klass);
251 if (denial && denial->
rrset) {
272 if (!denial->
rrset) {
278 if (!denial->
rrset) {
287 record->
owner = (
void*) denial;
302 ldns_rr* nsec_rr = NULL;
311 nsec_rr = denial_create_nsec(denial, nxt, zone->
default_ttl,
315 "failed", denial_str);
333 if (!denial || !fd) {
335 ods_log_crit(
"[%s] unable to print denial: denial of fd missing",
360 ldns_rdf_deep_free(denial->
dname);
void ods_log_alert(const char *format,...)
void rrset_cleanup(rrset_type *rrset)
denial_type * denial_create(void *zoneptr, ldns_rdf *dname)
void denial_cleanup(denial_type *denial)
void * allocator_alloc(allocator_type *allocator, size_t size)
void ods_fatal_exit(const char *format,...)
rrset_type * rrset_create(void *zoneptr, ldns_rr_type type)
enum ods_enum_status ods_status
rr_type * rrset_add_rr(rrset_type *rrset, ldns_rr *rr)
void ods_log_error(const char *format,...)
void ods_log_crit(const char *format,...)
void denial_print(FILE *fd, denial_type *denial, ods_status *status)
ldns_rr_type domain_is_delegpt(domain_type *domain)
ldns_rr_type domain_is_occluded(domain_type *domain)
#define SE_NSEC3_RDATA_NSEC3PARAMS
void denial_add_rr(denial_type *denial, ldns_rr *rr)
allocator_type * allocator
void denial_diff(denial_type *denial)
nsec3params_type * nsec3params
#define SE_MAX_RRTYPE_COUNT
void allocator_deallocate(allocator_type *allocator, void *data)
void rrset_diff(rrset_type *rrset, unsigned is_ixfr, unsigned more_coming)
#define ods_log_assert(x)
void denial_nsecify(denial_type *denial, denial_type *nxt, uint32_t *num_added)
void rrset_print(FILE *fd, rrset_type *rrset, int skip_rrsigs, ods_status *status)