Contains autotrust definitions. More...

#include "util/rbtree.h"
#include "util/data/packed_rrset.h"

Data Structures
struct	autr_ta
	Autotrust metadata for one trust anchor key. More...

struct	autr_point_data
	Autotrust metadata for a trust point. More...

struct	autr_global_data
	Autotrust global metadata. More...

Enumerations
enum	autr_state_type { AUTR_STATE_START = 0 , AUTR_STATE_ADDPEND = 1 , AUTR_STATE_VALID = 2 , AUTR_STATE_MISSING = 3 , AUTR_STATE_REVOKED = 4 , AUTR_STATE_REMOVED = 5 }
	Autotrust anchor states.

Functions
struct autr_global_data *	autr_global_create (void)
	Create new global 5011 data structure.

void	autr_global_delete (struct autr_global_data *global)
	Delete global 5011 data structure.

size_t	autr_get_num_anchors (struct val_anchors *anchors)
	See if autotrust anchors are configured and how many.

time_t	autr_probe_timer (struct module_env *env)
	Process probe timer.

int	probetree_cmp (const void x, const void y)
	probe tree compare function

int	autr_read_file (struct val_anchors anchors, const char nm)
	Read autotrust file.

void	autr_write_file (struct module_env env, struct trust_anchor tp)
	Write autotrust file.

void	autr_point_delete (struct trust_anchor *tp)
	Delete autr anchor, deletes the autr data but does not do unlinking from trees, caller does that.

int	autr_process_prime (struct module_env env, struct val_env ve, struct trust_anchor tp, struct ub_packed_rrset_key dnskey_rrset, struct module_qstate *qstate)
	Perform autotrust processing.

void	autr_debug_print (struct val_anchors *anchors)
	Debug printout of rfc5011 tracked anchors.

void	probe_answer_cb (void arg, int rcode, struct sldns_buffer buf, enum sec_status sec, char *errinf, int was_ratelimited)
	callback for query answer to 5011 probe

Detailed Description

Contains autotrust definitions.

Function Documentation

◆ autr_global_create()

struct autr_global_data * autr_global_create ( void )

Create new global 5011 data structure.

Returns: new structure or NULL on malloc failure.

References autr_global_data::probe, probetree_cmp(), and rbtree_init().

Referenced by anchors_create().

◆ autr_global_delete()

void autr_global_delete ( struct autr_global_data * global )

Delete global 5011 data structure.

Parameters

global global autotrust state to delete.

Referenced by anchors_delete().

◆ autr_get_num_anchors()

size_t autr_get_num_anchors ( struct val_anchors * anchors )

See if autotrust anchors are configured and how many.

Parameters

anchors the trust anchors structure.

Returns: number of autotrust trust anchors

References val_anchors::autr, rbtree_type::count, val_anchors::lock, and autr_global_data::probe.

Referenced by worker_init().

◆ autr_probe_timer()

time_t autr_probe_timer ( struct module_env * env )

Process probe timer.

Add new probes if needed.

Parameters

env	module environment with time, with anchors and with the mesh.

Returns: time of next probe (in seconds from now). If 0, then there is no next probe anymore (trust points deleted).

References autr_permit_small_holddown, probe_anchor(), regional_free_all(), module_env::scratch, todo_probe(), VERB_ALGO, and verbose().

Referenced by worker_probe_timer_cb().

◆ autr_read_file()

int autr_read_file	(	struct val_anchors *	anchors,
		const char *	nm
	)

Read autotrust file.

Parameters

anchors	the anchors structure.
nm	name of the file (copied).

Returns: false on failure.

References autr_assemble(), handle_origin(), load_trustanchor(), trust_anchor::lock, log_err(), log_warn(), parse_var_line(), read_multiline(), str_contains_data(), VERB_ALGO, and verbose().

Referenced by anchors_apply_cfg().

◆ autr_write_file()

void autr_write_file	(	struct module_env *	env,
		struct trust_anchor *	tp
	)

Write autotrust file.

Parameters

env	environment with scratch space.
tp	trust point to write.

References trust_anchor::autr, fatal_exit(), autr_point_data::file, log_assert, log_err(), VERB_ALGO, verbose(), and module_env::worker.

Referenced by autr_process_prime(), and autr_tp_remove().

◆ autr_point_delete()

void autr_point_delete ( struct trust_anchor * tp )

Delete autr anchor, deletes the autr data but does not do unlinking from trees, caller does that.

Parameters

tp	trust point to delete.

References trust_anchor::autr, autr_rrset_delete(), trust_anchor::dnskey_rrset, trust_anchor::ds_rrset, autr_point_data::file, autr_point_data::keys, trust_anchor::lock, trust_anchor::name, autr_ta::next, and autr_ta::rr.

Referenced by anchors_delfunc(), and autr_tp_remove().

◆ autr_process_prime()

int autr_process_prime	(	struct module_env *	env,
		struct val_env *	ve,
		struct trust_anchor *	tp,
		struct ub_packed_rrset_key *	dnskey_rrset,
		struct module_qstate *	qstate
	)

Perform autotrust processing.

Parameters

env	qstate environment with the anchors structure.
ve	validator environment for verification of rrsigs.
tp	trust anchor to process.
dnskey_rrset	DNSKEY rrset probed (can be NULL if bad prime result). allocated in a region. Has not been validated yet.
qstate	qstate with region.

Returns: false if trust anchor was revoked completely. Otherwise logs errors to log, does not change return value. On errors, likely the trust point has been unchanged.

References trust_anchor::autr, autr_assemble(), autr_cleanup_keys(), autr_holddown_exceed(), autr_tp_remove(), autr_write_file(), check_contains_revoked(), trust_anchor::dclass, trust_anchor::dnskey_rrset, do_statetable(), trust_anchor::ds_rrset, autr_point_data::last_queried, autr_point_data::last_success, trust_anchor::lock, log_assert, log_err(), log_nametypeclass(), trust_anchor::name, module_env::now, autr_point_data::query_failed, autr_point_data::revoked, set_next_probe(), update_events(), VERB_ALGO, verbose(), and verify_dnskey().