dnssec-signzone.c revision 797944723c8de672430cc59c11bf4eeacd913649
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * Portions Copyright (C) 1999-2003 Internet Software Consortium.
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * Permission to use, copy, modify, and distribute this software for any
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * purpose with or without fee is hereby granted, provided that the above
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * copyright notice and this permission notice appear in all copies.
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt/* $Id: dnssec-signzone.c,v 1.184 2005/03/16 00:10:21 marka Exp $ */
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt unsigned int position;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic unsigned int keycount = 0;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic isc_stdtime_t starttime = 0, endtime = 0, now;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic unsigned int nsigned = 0, nretained = 0, ndropped = 0;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic unsigned int nverified = 0, nverifyfailed = 0;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic const char *directory;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic dns_dbversion_t *gversion; /* The database version */
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic dns_dbiterator_t *gdbiter; /* The database iterator */
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic dns_name_t *gorigin; /* The database origin */
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic unsigned int ntasks = 0;
67adc03ef81fb610f8df093b17f55275ee816754Evan Huntstatic isc_boolean_t shuttingdown = ISC_FALSE, finished = ISC_FALSE;
if (bit != 0)
static signer_key_t *
return (key);
if (tryverify) {
static inline isc_boolean_t
static inline isc_boolean_t
static signer_key_t *
return key;
return (NULL);
return (key);
static isc_boolean_t
switch (result) {
case ISC_R_SUCCESS:
case DNS_R_NXDOMAIN:
case DNS_R_NXRRSET:
return (ISC_TRUE);
case DNS_R_DELEGATION:
case DNS_R_CNAME:
case DNS_R_DNAME:
return (ISC_FALSE);
static inline isc_boolean_t
return (ISC_TRUE);
return (ISC_FALSE);
int arraysize;
if (!nosigs)
for (i = 0; i < arraysize; i++)
if (nosigs)
sigstr);
sigstr);
if (!expired)
} else if (!expired) {
if (keep) {
&sigrdata,
&tuple);
&sigrdata,
&tuple);
if (resign) {
isc_buffer_t b;
&tuple);
isc_buffer_t b;
isc_buffer_t b;
if (isc_buffer_availablelength(&b) == 0) {
isc_buffer_putuint8(&b, 0);
static isc_result_t
return (ISC_R_NOTFOUND);
return (DNS_R_BADDB);
return (result);
return (result);
static isc_boolean_t
unsigned int val)
unsigned int newlen;
int octet;
newlen = 0;
if (octet < 0)
isc_buffer_t b;
return (answer);
static isc_boolean_t
return (ISC_FALSE);
if (isdelegation) {
if (generateds) {
if (generateds) {
gversion, 0,
if (!nokeys)
if (changed) {
dns_rdatatype_nsec, 0, 0,
&rdataset,
if (hasds)
goto skip;
if (isdelegation) {
goto skip;
namebuf);
skip:
static inline isc_boolean_t
if (!active)
if (!active) {
if (!found) {
covers);
return (active);
static dns_ttl_t
soattl(void) {
return (ttl);
if (destroy) {
covers);
presign(void) {
postsign(void) {
if (shuttingdown)
if (finished) {
while (!found) {
dns_rdatatype_nsec, 0, 0,
if (!found)
if (!found) {
assigned++;
completed++;
nsecify(void) {
while (!done) {
nextname);
if (!active) {
zonettl);
isc_buffer_t b;
int len;
unsigned int nkeys, i;
for (i = 0; i < nkeys; i++) {
&pubkey);
goto next;
goto next;
next:
program);
char *filename;
isc_buffer_t b;
isc_region_t r;
unsigned int filenamelen;
filename[0] = 0;
unsigned int labels;
isc_buffer_usedregion(&b, &r);
usage(void) {
exit(0);
removetempfile(void) {
if (removefile)
if (runtime_us > 0) {
int i, ch;
int ndskeys = 0;
char *endp;
unsigned int eflags;
int tempfilelen;
isc_buffer_t b;
int len;
switch (ch) {
usage();
if (!pseudorandom)
if (ntasks == 0)
usage();
if (argc == 0) {
for (i = 0; i < argc; i++) {
argv[i]);
for (i = 0; i < ndskeys; i++) {
program);
nsecify();
if (!nokeys) {
for (i = 0; i < (int)ntasks; i++) {
if (printstats)
presign();
(void)isc_app_run();
if (!finished)
for (i = 0; i < (int)ntasks; i++)
postsign();
if (printstats)
if (free_output)
(void) isc_app_finish();
if (printstats) {