From 838b0fdf110b156508045589d685fc5f13e99e4e Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Tue, 13 Sep 2016 18:25:48 -0400 Subject: ./tools/notsd-move --- .../systemd-resolved/resolved-dns-trust-anchor.h | 43 ++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 src/grp-resolve/systemd-resolved/resolved-dns-trust-anchor.h (limited to 'src/grp-resolve/systemd-resolved/resolved-dns-trust-anchor.h') diff --git a/src/grp-resolve/systemd-resolved/resolved-dns-trust-anchor.h b/src/grp-resolve/systemd-resolved/resolved-dns-trust-anchor.h new file mode 100644 index 0000000000..ee5cda0748 --- /dev/null +++ b/src/grp-resolve/systemd-resolved/resolved-dns-trust-anchor.h @@ -0,0 +1,43 @@ +#pragma once + +/*** + This file is part of systemd. + + Copyright 2015 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see . +***/ + +#include "basic/hashmap.h" +#include "resolved-dns-answer.h" +#include "resolved-dns-rr.h" + +typedef struct DnsTrustAnchor DnsTrustAnchor; + +/* This contains a fixed database mapping domain names to DS or DNSKEY records. */ + +struct DnsTrustAnchor { + Hashmap *positive_by_key; + Set *negative_by_name; + Set *revoked_by_rr; +}; + +int dns_trust_anchor_load(DnsTrustAnchor *d); +void dns_trust_anchor_flush(DnsTrustAnchor *d); + +int dns_trust_anchor_lookup_positive(DnsTrustAnchor *d, const DnsResourceKey* key, DnsAnswer **answer); +int dns_trust_anchor_lookup_negative(DnsTrustAnchor *d, const char *name); + +int dns_trust_anchor_check_revoked(DnsTrustAnchor *d, DnsResourceRecord *dnskey, DnsAnswer *rrs); +int dns_trust_anchor_is_revoked(DnsTrustAnchor *d, DnsResourceRecord *rr); -- cgit v1.2.3-54-g00ecf