Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
ldns(3)			   Library Functions Manual		       ldns(3)

NAME
       ldns_dnssec_data_chain,			ldns_dnssec_data_chain_struct,
       ldns_dnssec_trust_tree -	data structures	for validation chains

SYNOPSIS
       #include	<stdint.h>
       #include	<stdbool.h>

       #include	<ldns/ldns.h>

	ldns_dnssec_data_chain_struct();

DESCRIPTION

       ldns_dnssec_data_chain
	      Chain structure that contains all	DNSSEC data needed to
	      verify an	rrset
	      struct ldns_dnssec_data_chain_struct
	      {
		   ldns_rr_list	*rrset;
		   ldns_rr_list	*signatures;
		   ldns_rr_type	parent_type;
		   ldns_dnssec_data_chain *parent;
		   ldns_pkt_rcode packet_rcode;
		   ldns_rr_type	packet_qtype;
		   bool	packet_nodata;
	      };

	      typedef		struct		 ldns_dnssec_data_chain_struct
	      ldns_dnssec_data_chain;

       ldns_dnssec_data_chain_struct()

       ldns_dnssec_trust_tree
	      Tree structure that contains the relation	of DNSSEC data,
	      and their	cryptographic status.

	      This tree	is derived from	a data_chain, and can be used
	      to look whether there is a connection between an RRSET
	      and a trusted key. The tree only contains	pointers to the
	      data_chain, and therefore	one should *never* free() the
	      data_chain when there is still a trust tree derived from
	      that chain.

	      Example tree:
		  key	key    key
		    \	 |    /
		     \	 |   /
		      \	 |  /
			 ds
			 |
			key
			 |
			key
			 |
			 rr

	      For each signature there is a parent; if the parent
	      pointer is null, it couldn't be found and	there was no
	      denial; otherwise	is a tree which	contains either	a
	      DNSKEY, a	DS, or a NSEC rr
	      struct ldns_dnssec_trust_tree_struct
	      {
		   ldns_rr *rr;
		   /* the complete rrset this rr was in	*/
		   ldns_rr_list	*rrset;
		   ldns_dnssec_trust_tree				 *par-
	      ents[LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS];
		   ldns_status	 parent_status[LDNS_DNSSEC_TRUST_TREE_MAX_PAR-
	      ENTS];
		   /** for debugging, add signatures too (you might want
		       those if	they contain errors) */
		   ldns_rr   *parent_signature[LDNS_DNSSEC_TRUST_TREE_MAX_PAR-
	      ENTS];
		   size_t parent_count;
	      };

	      typedef		struct		 ldns_dnssec_trust_tree_struct
	      ldns_dnssec_trust_tree;

AUTHOR
       The ldns	team at	NLnet Labs.

REPORTING BUGS
       Please	report	 bugs	to   dns-team@nlnetlabs.nl  or	on  GitHub  at
       https://github.com/NLnetLabs/ldns/issues

COPYRIGHT
       Copyright (c) 2004 - 2006 NLnet Labs.

       Licensed	under the BSD License. There is	NO warranty; not even for MER-
       CHANTABILITY or FITNESS FOR A PARTICULAR	PURPOSE.

SEE ALSO
       ldns_dnssec_data_chain_new,		   ldns_dnssec_trust_tree_new,
       ldns_dnssec_verify_denial.   And	 perldoc  Net::DNS,  RFC1034, RFC1035,
       RFC4033,	RFC4034	 and RFC4035.

REMARKS
       This manpage was	automatically generated	from the ldns source code.

				  30 May 2006			       ldns(3)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ldns_dnssec_data_chain&sektion=3&manpath=FreeBSD+Ports+14.3.quarterly>

home | help