0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering#pragma once
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering/***
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering This file is part of systemd.
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering Copyright 2015 Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering systemd is free software; you can redistribute it and/or modify it
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering under the terms of the GNU Lesser General Public License as published by
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering the Free Software Foundation; either version 2.1 of the License, or
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering (at your option) any later version.
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering systemd is distributed in the hope that it will be useful, but
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering WITHOUT ANY WARRANTY; without even the implied warranty of
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering Lesser General Public License for more details.
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering You should have received a copy of the GNU Lesser General Public License
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering along with systemd; If not, see <http://www.gnu.org/licenses/>.
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering***/
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poetteringtypedef struct DnsTrustAnchor DnsTrustAnchor;
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering#include "hashmap.h"
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering#include "resolved-dns-answer.h"
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering#include "resolved-dns-rr.h"
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering/* This contains a fixed database mapping domain names to DS or DNSKEY records. */
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poetteringstruct DnsTrustAnchor {
8e54f5d90a6b9dd1ff672fb97ea98de66c49e332Lennart Poettering Hashmap *positive_by_key;
8e54f5d90a6b9dd1ff672fb97ea98de66c49e332Lennart Poettering Set *negative_by_name;
c9c72065419e6595131a6fe1e663e2184a843f7cLennart Poettering Set *revoked_by_rr;
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering};
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poetteringint dns_trust_anchor_load(DnsTrustAnchor *d);
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poetteringvoid dns_trust_anchor_flush(DnsTrustAnchor *d);
0d2cd47617b423f37d7425be7a56ae2fca8ff9f6Lennart Poettering
8e54f5d90a6b9dd1ff672fb97ea98de66c49e332Lennart Poetteringint dns_trust_anchor_lookup_positive(DnsTrustAnchor *d, const DnsResourceKey* key, DnsAnswer **answer);
8e54f5d90a6b9dd1ff672fb97ea98de66c49e332Lennart Poetteringint dns_trust_anchor_lookup_negative(DnsTrustAnchor *d, const char *name);
0c8570287400ba57d3705a2f62dd26039121ea6fLennart Poettering
d424da2ae0860268ab863ce8945a425aa79e3826Lennart Poetteringint dns_trust_anchor_check_revoked(DnsTrustAnchor *d, DnsResourceRecord *dnskey, DnsAnswer *rrs);
c9c72065419e6595131a6fe1e663e2184a843f7cLennart Poetteringint dns_trust_anchor_is_revoked(DnsTrustAnchor *d, DnsResourceRecord *rr);