val_env Struct Reference

Global state for the validator. More...

#include <validator.h>

Data Fields

struct key_cachekcache
 key cache; these are validated keys. More...
 
struct val_neg_cacheneg_cache
 aggressive negative cache. More...
 
int32_t date_override
 for debug testing a fixed validation date can be entered. More...
 
int32_t skew_min
 clock skew min for signatures
 
int32_t skew_max
 clock skew max for signatures
 
int max_restart
 max number of query restarts, number of IPs to probe
 
uint32_t bogus_ttl
 TTL for bogus data; used instead of untrusted TTL from data. More...
 
int nsec3_keyiter_count
 Number of entries in the NSEC3 maximum iteration count table. More...
 
size_t * nsec3_keysize
 NSEC3 maximum iteration count per signing key size. More...
 
size_t * nsec3_maxiter
 NSEC3 maximum iteration count per signing key size. More...
 
lock_basic_type bogus_lock
 lock on bogus counter
 
size_t num_rrset_bogus
 number of times rrsets marked bogus
 

Detailed Description

Global state for the validator.

Field Documentation

◆ kcache

struct key_cache* val_env::kcache

key cache; these are validated keys.

trusted keys only end up here after being primed.

Referenced by processValidate(), val_apply_cfg(), and val_deinit().

◆ neg_cache

struct val_neg_cache* val_env::neg_cache

aggressive negative cache.

index into NSECs in rrset cache.

Referenced by set_neg_cache_stats(), val_apply_cfg(), and val_deinit().

◆ date_override

int32_t val_env::date_override

for debug testing a fixed validation date can be entered.

if 0, current time is used for rrsig validation

Referenced by adjust_ttl(), check_dates(), do_set_option(), and val_apply_cfg().

◆ bogus_ttl

uint32_t val_env::bogus_ttl

TTL for bogus data; used instead of untrusted TTL from data.

Bogus data will not be verified more often than this interval. seconds.

Referenced by val_apply_cfg().

◆ nsec3_keyiter_count

int val_env::nsec3_keyiter_count

Number of entries in the NSEC3 maximum iteration count table.

Keep this table short, and sorted by size

Referenced by get_max_iter(), and val_apply_cfg().

◆ nsec3_keysize

size_t* val_env::nsec3_keysize

NSEC3 maximum iteration count per signing key size.

This array contains key size values (in increasing order)

Referenced by fill_nsec3_iter(), and val_deinit().

◆ nsec3_maxiter

size_t* val_env::nsec3_maxiter

NSEC3 maximum iteration count per signing key size.

This array contains the maximum iteration count for the keysize in the keysize array.

Referenced by fill_nsec3_iter(), get_max_iter(), val_apply_cfg(), and val_deinit().


The documentation for this struct was generated from the following file: