OpenDNSSEC-signer  1.4.3
signconf.c
Go to the documentation of this file.
1 /*
2  * $Id: signconf.c 7354 2013-10-09 12:36:03Z matthijs $
3  *
4  * Copyright (c) 2009 NLNet Labs. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
34 #include "parser/signconfparser.h"
35 #include "shared/duration.h"
36 #include "shared/file.h"
37 #include "shared/log.h"
38 #include "shared/status.h"
39 #include "signer/signconf.h"
40 
41 static const char* sc_str = "signconf";
42 
43 
50 {
51  signconf_type* sc = NULL;
52  allocator_type* allocator = allocator_create(malloc, free);
53  if (!allocator) {
54  ods_log_error("[%s] unable to create signconf: allocator_create() "
55  " failed", sc_str);
56  return NULL;
57  }
58  sc = (signconf_type*) allocator_alloc(allocator, sizeof(signconf_type));
59  if (!sc) {
60  ods_log_error("[%s] unable to create signconf: allocator_alloc() "
61  " failed", sc_str);
62  allocator_cleanup(allocator);
63  return NULL;
64  }
65  sc->allocator = allocator;
66  sc->filename = NULL;
67  /* Signatures */
68  sc->sig_resign_interval = NULL;
69  sc->sig_refresh_interval = NULL;
70  sc->sig_validity_default = NULL;
71  sc->sig_validity_denial = NULL;
72  sc->sig_jitter = NULL;
73  sc->sig_inception_offset = NULL;
74  /* Denial of existence */
75  sc->nsec3param_ttl = NULL;
76  sc->nsec_type = 0;
77  sc->nsec3_optout = 0;
78  sc->nsec3_algo = 0;
79  sc->nsec3_iterations = 0;
80  sc->nsec3_salt = NULL;
81  sc->nsec3params = NULL;
82  /* Keys */
83  sc->dnskey_ttl = NULL;
84  sc->keys = NULL;
85  /* Source of authority */
86  sc->soa_ttl = NULL;
87  sc->soa_min = NULL;
88  sc->soa_serial = NULL;
89  /* Other useful information */
90  sc->last_modified = 0;
91  return sc;
92 }
93 
94 
99 static ods_status
100 signconf_read(signconf_type* signconf, const char* scfile)
101 {
102  const char* rngfile = ODS_SE_RNGDIR "/signconf.rng";
103  ods_status status = ODS_STATUS_OK;
104  FILE* fd = NULL;
105 
106  if (!scfile || !signconf) {
107  return ODS_STATUS_ASSERT_ERR;
108  }
109  ods_log_debug("[%s] read signconf file %s", sc_str, scfile);
110  status = parse_file_check(scfile, rngfile);
111  if (status != ODS_STATUS_OK) {
112  ods_log_error("[%s] unable to read signconf: parse error in "
113  "file %s (%s)", sc_str, scfile, ods_status2str(status));
114  return status;
115  }
116  fd = ods_fopen(scfile, NULL, "r");
117  if (fd) {
118  signconf->filename = allocator_strdup(signconf->allocator, scfile);
123  signconf->sig_jitter = parse_sc_sig_jitter(scfile);
125  signconf->nsec_type = parse_sc_nsec_type(scfile);
126  if (signconf->nsec_type == LDNS_RR_TYPE_NSEC3) {
127  signconf->nsec3param_ttl = parse_sc_nsec3param_ttl(scfile);
128  signconf->nsec3_optout = parse_sc_nsec3_optout(scfile);
129  signconf->nsec3_algo = parse_sc_nsec3_algorithm(scfile);
130  signconf->nsec3_iterations = parse_sc_nsec3_iterations(scfile);
131  signconf->nsec3_salt = parse_sc_nsec3_salt(signconf->allocator,
132  scfile);
133  signconf->nsec3params = nsec3params_create((void*) signconf,
134  (uint8_t) signconf->nsec3_algo, (uint8_t) signconf->nsec3_optout,
135  (uint16_t)signconf->nsec3_iterations, signconf->nsec3_salt);
136  if (!signconf->nsec3params) {
137  ods_log_error("[%s] unable to read signconf %s: "
138  "nsec3params_create() failed", sc_str, scfile);
139  ods_fclose(fd);
140  return ODS_STATUS_MALLOC_ERR;
141  }
142  }
143  signconf->keys = parse_sc_keys((void*) signconf, scfile);
144  signconf->dnskey_ttl = parse_sc_dnskey_ttl(scfile);
145  signconf->soa_ttl = parse_sc_soa_ttl(scfile);
146  signconf->soa_min = parse_sc_soa_min(scfile);
147  signconf->soa_serial = parse_sc_soa_serial(signconf->allocator,
148  scfile);
149  ods_fclose(fd);
150  return ODS_STATUS_OK;
151  }
152  ods_log_error("[%s] unable to read signconf: failed to open file %s",
153  sc_str, scfile);
154  return ODS_STATUS_ERR;
155 }
156 
157 
163 signconf_update(signconf_type** signconf, const char* scfile,
164  time_t last_modified)
165 {
166  signconf_type* new_sc = NULL;
167  time_t st_mtime = 0;
168  ods_status status = ODS_STATUS_OK;
169 
170  if (!scfile || !signconf) {
171  return ODS_STATUS_UNCHANGED;
172  }
173  /* is the file updated? */
174  st_mtime = ods_file_lastmodified(scfile);
175  if (st_mtime <= last_modified) {
176  return ODS_STATUS_UNCHANGED;
177  }
178  /* if so, read the new signer configuration */
179  new_sc = signconf_create();
180  if (!new_sc) {
181  ods_log_error("[%s] unable to update signconf: signconf_create() "
182  "failed", sc_str);
183  return ODS_STATUS_ERR;
184  }
185  status = signconf_read(new_sc, scfile);
186  if (status == ODS_STATUS_OK) {
187  new_sc->last_modified = st_mtime;
188  if (signconf_check(new_sc) != ODS_STATUS_OK) {
189  ods_log_error("[%s] unable to update signconf: signconf %s has "
190  "errors", sc_str, scfile);
191  signconf_cleanup(new_sc);
192  return ODS_STATUS_CFG_ERR;
193  }
194  *signconf = new_sc;
195  } else {
196  ods_log_error("[%s] unable to update signconf: failed to read file "
197  "%s (%s)", sc_str, scfile, ods_status2str(status));
198  signconf_cleanup(new_sc);
199  }
200  return status;
201 }
202 
203 
208 static void
209 signconf_backup_duration(FILE* fd, const char* opt, duration_type* duration)
210 {
211  char* str = duration2string(duration);
212  fprintf(fd, "%s %s ", opt, str);
213  free((void*) str?str:"(null)");
214  return;
215 }
216 
217 
218 
223 void
224 signconf_backup(FILE* fd, signconf_type* sc, const char* version)
225 {
226  if (!fd || !sc) {
227  return;
228  }
229  fprintf(fd, ";;Signconf: lastmod %u ", (unsigned) sc->last_modified);
230  if (strcmp(version, ODS_SE_FILE_MAGIC_V2) &&
231  strcmp(version, ODS_SE_FILE_MAGIC_V1)) {
232  /* version 3 and up */
233  fprintf(fd, "maxzonettl 0 "); /* prepare for enforcer ng */
234  }
235  signconf_backup_duration(fd, "resign", sc->sig_resign_interval);
236  signconf_backup_duration(fd, "refresh", sc->sig_refresh_interval);
237  signconf_backup_duration(fd, "valid", sc->sig_validity_default);
238  signconf_backup_duration(fd, "denial", sc->sig_validity_denial);
239  signconf_backup_duration(fd, "jitter", sc->sig_jitter);
240  signconf_backup_duration(fd, "offset", sc->sig_inception_offset);
241  fprintf(fd, "nsec %u ", (unsigned) sc->nsec_type);
242  signconf_backup_duration(fd, "dnskeyttl", sc->dnskey_ttl);
243  signconf_backup_duration(fd, "soattl", sc->soa_ttl);
244  signconf_backup_duration(fd, "soamin", sc->soa_min);
245  fprintf(fd, "serial %s ", sc->soa_serial?sc->soa_serial:"(null)");
246  if (strcmp(version, ODS_SE_FILE_MAGIC_V2) == 0) {
247  fprintf(fd, "audit 0");
248  }
249  fprintf(fd, "\n");
250  return;
251 }
252 
253 
258 static int
259 signconf_soa_serial_check(const char* serial) {
260  if (!serial) {
261  return 1;
262  }
263 
264  if (strlen(serial) == 4 && strncmp(serial, "keep", 4) == 0) {
265  return 0;
266  }
267  if (strlen(serial) == 7 && strncmp(serial, "counter", 7) == 0) {
268  return 0;
269  }
270  if (strlen(serial) == 8 && strncmp(serial, "unixtime", 8) == 0) {
271  return 0;
272  }
273  if (strlen(serial) == 11 && strncmp(serial, "datecounter", 11) == 0) {
274  return 0;
275  }
276  return 1;
277 }
278 
279 
286 {
287  ods_status status = ODS_STATUS_OK;
288 
289  if (!sc->sig_resign_interval) {
290  ods_log_error("[%s] check failed: no signature resign interval found",
291  sc_str);
292  status = ODS_STATUS_CFG_ERR;
293  }
294  if (!sc->sig_refresh_interval) {
295  ods_log_error("[%s] check failed: no signature resign interval found",
296  sc_str);
297  status = ODS_STATUS_CFG_ERR;
298  }
299  if (!sc->sig_validity_default) {
300  ods_log_error("[%s] check failed: no signature default validity found",
301  sc_str);
302  status = ODS_STATUS_CFG_ERR;
303  }
304  if (!sc->sig_validity_denial) {
305  ods_log_error("[%s] check failed: no signature denial validity found",
306  sc_str);
307  status = ODS_STATUS_CFG_ERR;
308  }
309  if (!sc->sig_jitter) {
310  ods_log_error("[%s] check failed: no signature jitter found", sc_str);
311  status = ODS_STATUS_CFG_ERR;
312  }
313  if (!sc->sig_inception_offset) {
314  ods_log_error("[%s] check failed: no signature inception offset found",
315  sc_str);
316  status = ODS_STATUS_CFG_ERR;
317  }
318  if (sc->nsec_type == LDNS_RR_TYPE_NSEC3) {
319  if (sc->nsec3_algo != LDNS_SHA1) {
320  ods_log_error("[%s] check failed: invalid nsec3 algorithm",
321  sc_str);
322  status = ODS_STATUS_CFG_ERR;
323  }
324  /* iterations */
325  /* salt */
326  /* optout */
327  } else if (sc->nsec_type != LDNS_RR_TYPE_NSEC) {
328  ods_log_error("[%s] check failed: wrong nsec type %i", sc_str,
329  sc->nsec_type);
330  status = ODS_STATUS_CFG_ERR;
331  }
332  if (!sc->keys || sc->keys->count == 0) {
333  ods_log_error("[%s] check failed: no keys found", sc_str);
334  status = ODS_STATUS_CFG_ERR;
335  }
336  if (!sc->dnskey_ttl) {
337  ods_log_error("[%s] check failed: no dnskey ttl found", sc_str);
338  status = ODS_STATUS_CFG_ERR;
339  }
340  if (!sc->soa_ttl) {
341  ods_log_error("[%s] check failed: no soa ttl found", sc_str);
342  status = ODS_STATUS_CFG_ERR;
343  }
344  if (!sc->soa_min) {
345  ods_log_error("[%s] check failed: no soa minimum found", sc_str);
346  status = ODS_STATUS_CFG_ERR;
347  }
348  if (!sc->soa_serial) {
349  ods_log_error("[%s] check failed: no soa serial type found", sc_str);
350  status = ODS_STATUS_CFG_ERR;
351  } else if (signconf_soa_serial_check(sc->soa_serial) != 0) {
352  ods_log_error("[%s] check failed: wrong soa serial type %s", sc_str,
353  sc->soa_serial);
354  status = ODS_STATUS_CFG_ERR;
355  }
356  return status;
357 }
358 
359 
364 task_id
366 {
367  task_id new_task = TASK_NONE;
368  if (!a || !b) {
369  return TASK_NONE;
370  }
371  ods_log_assert(a);
372  ods_log_assert(b);
373 
374  if (duration_compare(a->soa_min, b->soa_min)) {
375  new_task = TASK_NSECIFY;
376  } else if (a->nsec_type != b->nsec_type) {
377  new_task = TASK_NSECIFY;
378  } else if (a->nsec_type == LDNS_RR_TYPE_NSEC3) {
379  if ((ods_strcmp(a->nsec3_salt, b->nsec3_salt) != 0) ||
380  (a->nsec3_algo != b->nsec3_algo) ||
381  (a->nsec3_iterations != b->nsec3_iterations) ||
382  (a->nsec3_optout != b->nsec3_optout)) {
383 
384  new_task = TASK_NSECIFY;
385  } else if (duration_compare(a->nsec3param_ttl, b->nsec3param_ttl)) {
386  new_task = TASK_READ;
387  }
388  }
389  return new_task;
390 }
391 
392 
397 void
398 signconf_print(FILE* out, signconf_type* sc, const char* name)
399 {
400  char* s = NULL;
401 
402  fprintf(out, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
403  if (sc) {
404  fprintf(out, "<SignerConfiguration>\n");
405  fprintf(out, "\t<Zone name=\"%s\">\n", name?name:"(null)");
406  /* Signatures */
407  fprintf(out, "\t\t<Signatures>\n");
409  fprintf(out, "\t\t\t<Resign>%s</Resign>\n", s?s:"(null)");
410  free((void*)s);
412  fprintf(out, "\t\t\t<Refresh>%s</Refresh>\n", s?s:"(null)");
413  free((void*)s);
414  fprintf(out, "\t\t\t<Validity>\n");
416  fprintf(out, "\t\t\t\t<Default>%s</Default>\n", s?s:"(null)");
417  free((void*)s);
419  fprintf(out, "\t\t\t\t<Denial>%s</Denial>\n", s?s:"(null)");
420  free((void*)s);
421  fprintf(out, "\t\t\t</Validity>\n");
422  s = duration2string(sc->sig_jitter);
423  fprintf(out, "\t\t\t<Jitter>%s</Jitter>\n", s?s:"(null)");
424  free((void*)s);
426  fprintf(out, "\t\t\t<InceptionOffset>%s</InceptionOffset>\n",
427  s?s:"(null)");
428  free((void*)s);
429  fprintf(out, "\t\t</Signatures>\n");
430  fprintf(out, "\n");
431  /* Denial */
432  fprintf(out, "\t\t<Denial>\n");
433  if (sc->nsec_type == LDNS_RR_TYPE_NSEC) {
434  fprintf(out, "\t\t\t<NSEC />\n");
435  } else if (sc->nsec_type == LDNS_RR_TYPE_NSEC3) {
436  fprintf(out, "\t\t\t<NSEC3>\n");
437  if (sc->nsec3param_ttl) {
439  fprintf(out, "\t\t\t\t<TTL>%s</TTL>\n", s?s:"(null)");
440  free((void*)s);
441  }
442  if (sc->nsec3_optout) {
443  fprintf(out, "\t\t\t\t<OptOut />\n");
444  }
445  fprintf(out, "\t\t\t\t<Hash>\n");
446  fprintf(out, "\t\t\t\t\t<Algorithm>%i</Algorithm>\n",
447  sc->nsec3_algo);
448  fprintf(out, "\t\t\t\t\t<Iterations>%i</Iterations>\n",
449  sc->nsec3_iterations);
450  fprintf(out, "\t\t\t\t\t<Salt>%s</Salt>\n",
451  sc->nsec3_salt?sc->nsec3_salt:"(null)");
452  fprintf(out, "\t\t\t\t</Hash>\n");
453  fprintf(out, "\t\t\t</NSEC3>\n");
454  }
455  fprintf(out, "\t\t</Denial>\n");
456  fprintf(out, "\n");
457  /* Keys */
458  fprintf(out, "\t\t<Keys>\n");
459  s = duration2string(sc->dnskey_ttl);
460  fprintf(out, "\t\t\t<TTL>%s</TTL>\n", s?s:"(null)");
461  free((void*)s);
462  fprintf(out, "\n");
463  keylist_print(out, sc->keys);
464  fprintf(out, "\t\t</Keys>\n");
465  fprintf(out, "\n");
466  /* SOA */
467  fprintf(out, "\t\t<SOA>\n");
468  s = duration2string(sc->soa_ttl);
469  fprintf(out, "\t\t\t<TTL>%s</TTL>\n", s?s:"(null)");
470  free((void*)s);
471  s = duration2string(sc->soa_min);
472  fprintf(out, "\t\t\t<Minimum>%s</Minimum>\n", s?s:"(null)");
473  free((void*)s);
474  fprintf(out, "\t\t\t<Serial>%s</Serial>\n",
475  sc->soa_serial?sc->soa_serial:"(null)");
476  fprintf(out, "\t\t</SOA>\n");
477  fprintf(out, "\n");
478  fprintf(out, "\t</Zone>\n");
479  fprintf(out, "</SignerConfiguration>\n");
480  }
481  return;
482 }
483 
484 
489 void
490 signconf_log(signconf_type* sc, const char* name)
491 {
492  char* resign = NULL;
493  char* refresh = NULL;
494  char* validity = NULL;
495  char* denial = NULL;
496  char* jitter = NULL;
497  char* offset = NULL;
498  char* dnskeyttl = NULL;
499  char* soattl = NULL;
500  char* soamin = NULL;
501  char* paramttl = NULL;
502 
503  if (sc) {
504  resign = duration2string(sc->sig_resign_interval);
505  refresh = duration2string(sc->sig_refresh_interval);
506  validity = duration2string(sc->sig_validity_default);
507  denial = duration2string(sc->sig_validity_denial);
508  jitter = duration2string(sc->sig_jitter);
510  dnskeyttl = duration2string(sc->dnskey_ttl);
511  paramttl = duration2string(sc->nsec3param_ttl);
512  soattl = duration2string(sc->soa_ttl);
513  soamin = duration2string(sc->soa_min);
514  /* signconf */
515  ods_log_info("[%s] zone %s signconf: RESIGN[%s] REFRESH[%s] "
516  "VALIDITY[%s] DENIAL[%s] JITTER[%s] OFFSET[%s] NSEC[%i] "
517  "DNSKEYTTL[%s] SOATTL[%s] MINIMUM[%s] SERIAL[%s]",
518  sc_str,
519  name?name:"(null)",
520  resign?resign:"(null)",
521  refresh?refresh:"(null)",
522  validity?validity:"(null)",
523  denial?denial:"(null)",
524  jitter?jitter:"(null)",
525  offset?offset:"(null)",
526  (int) sc->nsec_type,
527  dnskeyttl?dnskeyttl:"(null)",
528  soattl?soattl:"(null)",
529  soamin?soamin:"(null)",
530  sc->soa_serial?sc->soa_serial:"(null)");
531  /* nsec3 parameters */
532  if (sc->nsec_type == LDNS_RR_TYPE_NSEC3) {
533  ods_log_debug("[%s] zone %s nsec3: PARAMTTL[%s] OPTOUT[%i] "
534  "ALGORITHM[%u] ITERATIONS[%u] SALT[%s]",
535  sc_str,
536  name?name:"(null)",
537  paramttl?paramttl:"PT0S",
538  sc->nsec3_optout,
539  sc->nsec3_algo,
540  sc->nsec3_iterations,
541  sc->nsec3_salt?sc->nsec3_salt:"(null)");
542  }
543  /* keys */
544  keylist_log(sc->keys, name);
545  /* cleanup */
546  free((void*)resign);
547  free((void*)refresh);
548  free((void*)validity);
549  free((void*)denial);
550  free((void*)jitter);
551  free((void*)offset);
552  free((void*)dnskeyttl);
553  free((void*)paramttl);
554  free((void*)soattl);
555  free((void*)soamin);
556  }
557  return;
558 }
559 
560 
565 void
567 {
568  allocator_type* allocator = NULL;
569  if (!sc) {
570  return;
571  }
581  keylist_cleanup(sc->keys);
583  allocator = sc->allocator;
584  allocator_deallocate(allocator, (void*) sc->filename);
585  allocator_deallocate(allocator, (void*) sc->nsec3_salt);
586  allocator_deallocate(allocator, (void*) sc->soa_serial);
587  allocator_deallocate(allocator, (void*) sc);
588  allocator_cleanup(allocator);
589  return;
590 }
signconf_type * signconf_create(void)
Definition: signconf.c:49
void keylist_cleanup(keylist_type *kl)
Definition: keys.c:263
duration_type * parse_sc_sig_validity_default(const char *cfgfile)
Definition: task.h:43
uint32_t nsec3_iterations
Definition: signconf.h:68
duration_type * parse_sc_sig_validity_denial(const char *cfgfile)
duration_type * sig_inception_offset
Definition: signconf.h:62
task_id signconf_compare_denial(signconf_type *a, signconf_type *b)
Definition: signconf.c:365
uint32_t parse_sc_nsec3_algorithm(const char *cfgfile)
void signconf_backup(FILE *fd, signconf_type *sc, const char *version)
Definition: signconf.c:224
void keylist_log(keylist_type *kl, const char *name)
Definition: keys.c:227
void ods_log_debug(const char *format,...)
Definition: log.c:272
duration_type * soa_min
Definition: signconf.h:76
duration_type * parse_sc_soa_ttl(const char *cfgfile)
ods_status signconf_check(signconf_type *sc)
Definition: signconf.c:285
const char * nsec3_salt
Definition: signconf.h:69
const char * soa_serial
Definition: signconf.h:77
keylist_type * keys
Definition: signconf.h:73
duration_type * soa_ttl
Definition: signconf.h:75
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:68
duration_type * sig_validity_default
Definition: signconf.h:59
void signconf_cleanup(signconf_type *sc)
Definition: signconf.c:566
duration_type * sig_validity_denial
Definition: signconf.h:60
duration_type * nsec3param_ttl
Definition: signconf.h:64
void ods_log_info(const char *format,...)
Definition: log.c:304
enum ods_enum_status ods_status
Definition: status.h:91
const char * parse_sc_soa_serial(allocator_type *allocator, const char *cfgfile)
ods_status parse_file_check(const char *cfgfile, const char *rngfile)
Definition: confparser.c:55
time_t ods_file_lastmodified(const char *file)
Definition: file.c:290
void ods_log_error(const char *format,...)
Definition: log.c:336
duration_type * parse_sc_sig_inception_offset(const char *cfgfile)
const char * ods_status2str(ods_status status)
Definition: status.c:112
void keylist_print(FILE *fd, keylist_type *kl)
Definition: keys.c:209
int ods_strcmp(const char *s1, const char *s2)
Definition: file.c:317
void duration_cleanup(duration_type *duration)
Definition: duration.c:602
ldns_rr_type nsec_type
Definition: signconf.h:65
void signconf_print(FILE *out, signconf_type *sc, const char *name)
Definition: signconf.c:398
enum task_id_enum task_id
Definition: task.h:50
FILE * ods_fopen(const char *file, const char *dir, const char *mode)
Definition: file.c:187
const char * parse_sc_nsec3_salt(allocator_type *allocator, const char *cfgfile)
duration_type * parse_sc_dnskey_ttl(const char *cfgfile)
duration_type * parse_sc_sig_jitter(const char *cfgfile)
nsec3params_type * nsec3params_create(void *sc, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt)
Definition: nsec3params.c:105
duration_type * sig_refresh_interval
Definition: signconf.h:58
allocator_type * allocator_create(void *(*allocator)(size_t size), void(*deallocator)(void *))
Definition: allocator.c:49
Definition: task.h:45
duration_type * parse_sc_nsec3param_ttl(const char *cfgfile)
char * allocator_strdup(allocator_type *allocator, const char *string)
Definition: allocator.c:123
char * duration2string(duration_type *duration)
Definition: duration.c:231
duration_type * parse_sc_sig_refresh_interval(const char *cfgfile)
int parse_sc_nsec3_optout(const char *cfgfile)
duration_type * parse_sc_soa_min(const char *cfgfile)
time_t last_modified
Definition: signconf.h:80
uint32_t nsec3_algo
Definition: signconf.h:67
int duration_compare(duration_type *d1, duration_type *d2)
Definition: duration.c:85
nsec3params_type * nsec3params
Definition: signconf.h:70
size_t count
Definition: keys.h:76
void ods_fclose(FILE *fd)
Definition: file.c:247
allocator_type * allocator
Definition: signconf.h:55
keylist_type * parse_sc_keys(void *sc, const char *cfgfile)
void allocator_cleanup(allocator_type *allocator)
Definition: allocator.c:153
duration_type * dnskey_ttl
Definition: signconf.h:72
void signconf_log(signconf_type *sc, const char *name)
Definition: signconf.c:490
duration_type * sig_jitter
Definition: signconf.h:61
duration_type * sig_resign_interval
Definition: signconf.h:57
ldns_rr_type parse_sc_nsec_type(const char *cfgfile)
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:137
void nsec3params_cleanup(nsec3params_type *nsec3params)
Definition: nsec3params.c:210
#define ods_log_assert(x)
Definition: log.h:156
const char * filename
Definition: signconf.h:79
duration_type * parse_sc_sig_resign_interval(const char *cfgfile)
uint32_t parse_sc_nsec3_iterations(const char *cfgfile)
ods_status signconf_update(signconf_type **signconf, const char *scfile, time_t last_modified)
Definition: signconf.c:163
int nsec3_optout
Definition: signconf.h:66