xref: /minix/external/bsd/bind/dist/lib/dns/include/dns/nsec.h (revision fb9c64b2) 
1 /*	$NetBSD: nsec.h,v 1.7 2014/12/10 04:37:58 christos Exp $	*/
2 
3 /*
4  * Copyright (C) 2004-2008, 2011, 2012  Internet Systems Consortium, Inc. ("ISC")
5  * Copyright (C) 1999-2001, 2003  Internet Software Consortium.
6  *
7  * Permission to use, copy, modify, and/or distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
12  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
13  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
15  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
16  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17  * PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 /* Id: nsec.h,v 1.14 2011/06/10 23:47:32 tbox Exp  */
21 
22 #ifndef DNS_NSEC_H
23 #define DNS_NSEC_H 1
24 
25 /*! \file dns/nsec.h */
26 
27 #include <isc/lang.h>
28 
29 #include <dns/types.h>
30 #include <dns/name.h>
31 
32 #define DNS_NSEC_BUFFERSIZE (DNS_NAME_MAXWIRE + 8192 + 512)
33 
34 ISC_LANG_BEGINDECLS
35 
36 isc_result_t
37 dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version,
38 		    dns_dbnode_t *node, dns_name_t *target,
39 		    unsigned char *buffer, dns_rdata_t *rdata);
40 /*%<
41  * Build the rdata of a NSEC record.
42  *
43  * Requires:
44  *\li	buffer	Points to a temporary buffer of at least
45  * 		DNS_NSEC_BUFFERSIZE bytes.
46  *\li	rdata	Points to an initialized dns_rdata_t.
47  *
48  * Ensures:
49  *  \li    *rdata	Contains a valid NSEC rdata.  The 'data' member refers
50  *		to 'buffer'.
51  */
52 
53 isc_result_t
54 dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
55 	       dns_name_t *target, dns_ttl_t ttl);
56 /*%<
57  * Build a NSEC record and add it to a database.
58  */
59 
60 isc_boolean_t
61 dns_nsec_typepresent(dns_rdata_t *nsec, dns_rdatatype_t type);
62 /*%<
63  * Determine if a type is marked as present in an NSEC record.
64  *
65  * Requires:
66  *\li	'nsec' points to a valid rdataset of type NSEC
67  */
68 
69 isc_result_t
70 dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version,
71 		  isc_boolean_t *answer);
72 /*
73  * Report whether the DNSKEY RRset has a NSEC only algorithm.  Unknown
74  * algorithms are assumed to support NSEC3.  If DNSKEY is not found,
75  * *answer is set to ISC_FALSE, and ISC_R_NOTFOUND is returned.
76  *
77  * Requires:
78  * 	'answer' to be non NULL.
79  */
80 
81 unsigned int
82 dns_nsec_compressbitmap(unsigned char *map, const unsigned char *raw,
83 			unsigned int max_type);
84 /*%<
85  * Convert a raw bitmap into a compressed windowed bit map.  'map' and 'raw'
86  * may overlap.
87  *
88  * Returns the length of the compressed windowed bit map.
89  */
90 
91 void
92 dns_nsec_setbit(unsigned char *array, unsigned int type, unsigned int bit);
93 /*%<
94  * Set type bit in raw 'array' to 'bit'.
95  */
96 
97 isc_boolean_t
98 dns_nsec_isset(const unsigned char *array, unsigned int type);
99 /*%<
100  * Test if the corresponding 'type' bit is set in 'array'.
101  */
102 
103 isc_result_t
104 dns_nsec_noexistnodata(dns_rdatatype_t type, dns_name_t *name,
105 		       dns_name_t *nsecname, dns_rdataset_t *nsecset,
106 		       isc_boolean_t *exists, isc_boolean_t *data,
107 		       dns_name_t *wild, dns_nseclog_t log, void *arg);
108 /*%
109  * Return ISC_R_SUCCESS if we can determine that the name doesn't exist
110  * or we can determine whether there is data or not at the name.
111  * If the name does not exist return the wildcard name.
112  *
113  * Return ISC_R_IGNORE when the NSEC is not the appropriate one.
114  */
115 
116 ISC_LANG_ENDDECLS
117 
118 #endif /* DNS_NSEC_H */
119