Lines Matching refs:tp
330 /** create tp */
335 struct trust_anchor* tp = (struct trust_anchor*)calloc(1, sizeof(*tp));
336 if(!tp) return NULL;
337 tp->name = memdup(own, own_len);
338 if(!tp->name) {
339 free(tp);
342 tp->namelen = own_len;
343 tp->namelabs = dname_count_labels(tp->name);
344 tp->node.key = tp;
345 tp->dclass = dc;
346 tp->autr = (struct autr_point_data*)calloc(1, sizeof(*tp->autr));
347 if(!tp->autr) {
348 free(tp->name);
349 free(tp);
352 tp->autr->pnode.key = tp;
355 if(!rbtree_insert(anchors->tree, &tp->node)) {
358 dname_str(tp->name, buf);
360 free(tp->name);
361 free(tp->autr);
362 free(tp);
365 if(!rbtree_insert(&anchors->autr->probe, &tp->autr->pnode)) {
367 (void)rbtree_delete(anchors->tree, tp);
369 dname_str(tp->name, buf);
371 free(tp->name);
372 free(tp->autr);
373 free(tp);
376 lock_basic_init(&tp->lock);
377 lock_protect(&tp->lock, tp, sizeof(*tp));
378 lock_protect(&tp->lock, tp->autr, sizeof(*tp->autr));
380 return tp;
394 void autr_point_delete(struct trust_anchor* tp)
396 if(!tp)
398 lock_unprotect(&tp->lock, tp);
399 lock_unprotect(&tp->lock, tp->autr);
400 lock_basic_destroy(&tp->lock);
401 autr_rrset_delete(tp->ds_rrset);
402 autr_rrset_delete(tp->dnskey_rrset);
403 if(tp->autr) {
404 struct autr_ta* p = tp->autr->keys, *np;
411 free(tp->autr->file);
412 free(tp->autr);
414 free(tp->name);
415 free(tp);
423 struct trust_anchor* tp;
424 tp = anchor_find(anchors, rr, dname_count_labels(rr), dname_len,
426 if(tp) {
427 if(!tp->autr) {
429 lock_basic_unlock(&tp->lock);
432 return tp;
434 tp = autr_tp_create(anchors, rr, dname_len, sldns_wirerr_get_class(rr,
436 if(!tp)
438 lock_basic_lock(&tp->lock);
439 return tp;
445 size_t dname_len, struct trust_anchor** tp)
450 *tp = find_add_tp(anchors, rr, rr_len, dname_len);
451 if(!*tp) {
456 /* add ta to tp */
457 ta->next = (*tp)->autr->keys;
458 (*tp)->autr->keys = ta;
459 lock_basic_unlock(&(*tp)->lock);
467 * @param tp: trust point returned.
477 struct trust_anchor** tp, uint8_t* origin, size_t origin_len,
513 return add_trustanchor_frm_rr(anchors, drr, rr_len, dname_len, tp);
526 * @return false on failure, otherwise the tp read.
534 struct trust_anchor* tp = NULL;
536 ta = add_trustanchor_frm_str(anchors, str, &tp, origin, origin_len,
540 lock_basic_lock(&tp->lock);
542 lock_basic_unlock(&tp->lock);
545 if(!tp->autr->file) {
546 tp->autr->file = strdup(fname);
547 if(!tp->autr->file) {
548 lock_basic_unlock(&tp->lock);
553 lock_basic_unlock(&tp->lock);
554 return tp;
742 * @param tp: the trust point. Must be locked.
746 autr_assemble(struct trust_anchor* tp)
753 if(assemble_iterate_hasfirst(assemble_iterate_ds, tp->autr->keys)) {
755 assemble_iterate_ds, tp->autr->keys);
759 assemble_iterate_ds, tp->autr->keys);
765 if(assemble_iterate_hasfirst(assemble_iterate_dnskey, tp->autr->keys)) {
767 assemble_iterate_dnskey, tp->autr->keys);
771 assemble_iterate_dnskey, tp->autr->keys);
785 autr_rrset_delete(tp->ds_rrset);
786 autr_rrset_delete(tp->dnskey_rrset);
789 tp->ds_rrset = ubds;
790 tp->dnskey_rrset = ubdnskey;
791 tp->numDS = assemble_iterate_count(assemble_iterate_ds,
792 tp->autr->keys);
793 tp->numDNSKEY = assemble_iterate_count(assemble_iterate_dnskey,
794 tp->autr->keys);
816 struct trust_anchor *tp;
838 tp = autr_tp_create(anchors, dname, dname_len, dclass);
840 return tp;
856 struct trust_anchor* tp = *anchor;
863 if(tp) {
869 if(!tp) return -1;
870 lock_basic_lock(&tp->lock);
871 tp->autr->last_queried = (time_t)parse_int(line+16, &r);
872 lock_basic_unlock(&tp->lock);
874 if(!tp) return -1;
875 lock_basic_lock(&tp->lock);
876 tp->autr->last_success = (time_t)parse_int(line+16, &r);
877 lock_basic_unlock(&tp->lock);
879 if(!tp) return -1;
881 lock_basic_lock(&tp->lock);
882 (void)rbtree_delete(&anchors->autr->probe, tp);
883 tp->autr->next_probe_time = (time_t)parse_int(line+19, &r);
884 (void)rbtree_insert(&anchors->autr->probe, &tp->autr->pnode);
885 lock_basic_unlock(&tp->lock);
888 if(!tp) return -1;
889 lock_basic_lock(&tp->lock);
890 tp->autr->query_failed = (uint8_t)parse_int(line+16, &r);
891 lock_basic_unlock(&tp->lock);
893 if(!tp) return -1;
894 lock_basic_lock(&tp->lock);
895 tp->autr->query_interval = (time_t)parse_int(line+18, &r);
896 lock_basic_unlock(&tp->lock);
898 if(!tp) return -1;
899 lock_basic_lock(&tp->lock);
900 tp->autr->retry_time = (time_t)parse_int(line+14, &r);
901 lock_basic_unlock(&tp->lock);
998 struct trust_anchor *tp = NULL, *tp2;
1011 if(r == -1 || (r = parse_var_line(line, anchors, &tp)) == -1) {
1039 if(tp && tp != tp2) {
1048 tp = tp2;
1053 if(!tp) {
1059 lock_basic_lock(&tp->lock);
1060 if(!autr_assemble(tp)) {
1061 lock_basic_unlock(&tp->lock);
1065 lock_basic_unlock(&tp->lock);
1114 autr_write_contents(FILE* out, char* fn, struct trust_anchor* tp)
1125 if(tp->autr->revoked) {
1136 if(!print_id(out, fn, tp->name, tp->namelen, tp->dclass)) {
1140 (unsigned int)tp->autr->last_queried,
1141 autr_ctime_r(&(tp->autr->last_queried), tmi)) < 0 ||
1143 (unsigned int)tp->autr->last_success,
1144 autr_ctime_r(&(tp->autr->last_success), tmi)) < 0 ||
1146 (unsigned int)tp->autr->next_probe_time,
1147 autr_ctime_r(&(tp->autr->next_probe_time), tmi)) < 0 ||
1148 fprintf(out, ";;query_failed: %d\n", (int)tp->autr->query_failed)<0
1150 (int)tp->autr->query_interval) < 0 ||
1151 fprintf(out, ";;retry_time: %d\n", (int)tp->autr->retry_time) < 0) {
1157 for(ta=tp->autr->keys; ta; ta=ta->next) {
1188 void autr_write_file(struct module_env* env, struct trust_anchor* tp)
1191 char* fname = tp->autr->file;
1196 log_assert(tp->autr);
1206 llvalue = (unsigned long)tp;
1208 llvalue = (unsigned long long)tp;
1220 if(!autr_write_contents(out, tempf, tp)) {
1255 * @param tp: trust point to verify with
1262 struct trust_anchor* tp, struct ub_packed_rrset_key* rrset,
1270 tp->ds_rrset, tp->dnskey_rrset, downprot?sigalg:NULL, &reason,
1412 * @param tp: to search in
1420 find_key(struct trust_anchor* tp, uint16_t t, uint8_t* rdata, size_t rdata_len,
1424 if(!tp || !rdata) {
1428 for(ta=tp->autr->keys; ta; ta=ta->next) {
1438 /** add key and clone RR and tp already locked. rdata without rdlen. */
1440 add_key(struct trust_anchor* tp, uint32_t ttl, uint8_t* rdata, size_t rdata_len)
1448 dname_len = tp->namelen;
1453 memmove(rr, tp->name, tp->namelen);
1464 /* link in, tp already locked */
1465 ta->next = tp->autr->keys;
1466 tp->autr->keys = ta;
1480 set_tp_times(struct trust_anchor* tp, time_t rrsig_exp_interval,
1483 time_t x, qi = tp->autr->query_interval, rt = tp->autr->retry_time;
1494 tp->autr->query_interval = 3600;
1495 else tp->autr->query_interval = x;
1496 } else tp->autr->query_interval = x;
1507 tp->autr->retry_time = 3600;
1508 else tp->autr->retry_time = x;
1509 } else tp->autr->retry_time = x;
1511 if(qi != tp->autr->query_interval || rt != tp->autr->retry_time) {
1517 (int)tp->autr->query_interval,
1518 (int)tp->autr->retry_time);
1524 init_events(struct trust_anchor* tp)
1527 for(ta=tp->autr->keys; ta; ta=ta->next) {
1535 struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset,
1549 if(!find_key(tp, ntohs(dnskey_rrset->rk.type),
1627 struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset,
1634 init_events(tp);
1653 tp->name, LDNS_RR_TYPE_DNSKEY, tp->dclass);
1658 if(!find_key(tp, ntohs(dnskey_rrset->rk.type),
1663 ta = add_key(tp, (uint32_t)dd->rr_ttl[i],
1667 if(ta && tp->ds_rrset && key_matches_a_ds(env, ve,
1668 dnskey_rrset, i, tp->ds_rrset)) {
1679 set_tp_times(tp, min_expiry(env, dd), key_ttl(dnskey_rrset), changed);
1862 init_zsk_to_ksk(struct module_env* env, struct trust_anchor* tp, int* changed)
1868 for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
1879 for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
1894 remove_missing_trustanchors(struct module_env* env, struct trust_anchor* tp,
1901 for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
1916 valid = init_zsk_to_ksk(env, tp, changed);
1921 for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
1956 do_statetable(struct module_env* env, struct trust_anchor* tp, int* changed)
1959 for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
1965 remove_missing_trustanchors(env, tp, changed);
1971 autr_holddown_exceed(struct module_env* env, struct trust_anchor* tp, int* c)
1974 for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
1983 autr_cleanup_keys(struct trust_anchor* tp)
1986 prevp = &tp->autr->keys;
1987 p = tp->autr->keys;
2074 set_next_probe(struct module_env* env, struct trust_anchor* tp,
2084 key.dclass = tp->dclass;
2085 lock_basic_unlock(&tp->lock);
2087 /* fetch tp again and lock anchors, so that we can modify the trees */
2095 log_assert(tp == tp2);
2096 lock_basic_lock(&tp->lock);
2100 (void)rbtree_delete(&env->anchors->autr->probe, tp);
2101 tp->autr->next_probe_time = calc_next_probe(env,
2102 tp->autr->query_interval);
2103 (void)rbtree_insert(&env->anchors->autr->probe, &tp->autr->pnode);
2108 (int)tp->autr->next_probe_time - (int)*env->now);
2117 autr_tp_remove(struct module_env* env, struct trust_anchor* tp,
2126 tp->name, LDNS_RR_TYPE_DNSKEY, tp->dclass);
2127 tp->autr->revoked = 1;
2135 pd.next_probe_time = tp->autr->next_probe_time;
2137 key.namelen = tp->namelen;
2138 key.namelabs = tp->namelabs;
2139 key.dclass = tp->dclass;
2142 lock_basic_unlock(&tp->lock);
2170 struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset,
2174 log_assert(tp && tp->autr);
2176 /* the tp is locked, and stays locked unless it is deleted */
2180 if(tp->autr->revoked) {
2182 "trust point revoked", tp->name,
2183 LDNS_RR_TYPE_DNSKEY, tp->dclass);
2184 lock_basic_unlock(&tp->lock);
2189 tp->autr->last_queried = *env->now;
2192 tp->name, LDNS_RR_TYPE_DNSKEY, tp->dclass);
2194 autr_holddown_exceed(env, tp, &changed);
2197 if(!autr_assemble(tp)) {
2212 check_contains_revoked(env, ve, tp, dnskey_rrset, &changed, qstate);
2215 if(!autr_assemble(tp)) {
2219 if(!tp->ds_rrset && !tp->dnskey_rrset) {
2222 tp->autr->last_success = *env->now;
2223 autr_tp_remove(env, tp, dnskey_rrset);
2228 if(!verify_dnskey(env, ve, tp, dnskey_rrset, qstate)) {
2232 if(tp->autr->last_success) {
2233 tp->autr->query_failed += 1;
2234 autr_write_file(env, tp);
2239 tp->autr->last_success = *env->now;
2240 tp->autr->query_failed = 0;
2247 if(!update_events(env, ve, tp, dnskey_rrset, &changed)) {
2256 if(!do_statetable(env, tp, &changed)) {
2262 autr_cleanup_keys(tp);
2263 if(!set_next_probe(env, tp, dnskey_rrset))
2265 autr_write_file(env, tp);
2268 if(!autr_assemble(tp)) {
2272 if(!tp->ds_rrset && !tp->dnskey_rrset) {
2274 autr_tp_remove(env, tp, dnskey_rrset);
2303 autr_debug_print_tp(struct trust_anchor* tp)
2309 if(!tp->autr)
2311 dname_str(tp->name, buf);
2312 log_info("trust point %s : %d", buf, (int)tp->dclass);
2314 (int)tp->numDS, (int)tp->numDNSKEY);
2315 if(tp->ds_rrset) {
2316 log_packed_rrset(NO_VERBOSE, "DS:", tp->ds_rrset);
2318 if(tp->dnskey_rrset) {
2319 log_packed_rrset(NO_VERBOSE, "DNSKEY:", tp->dnskey_rrset);
2321 log_info("file %s", tp->autr->file);
2322 (void)autr_ctime_r(&tp->autr->last_queried, buf);
2324 log_info("last_queried: %u %s", (unsigned)tp->autr->last_queried, buf);
2325 (void)autr_ctime_r(&tp->autr->last_success, buf);
2327 log_info("last_success: %u %s", (unsigned)tp->autr->last_success, buf);
2328 (void)autr_ctime_r(&tp->autr->next_probe_time, buf);
2330 log_info("next_probe_time: %u %s", (unsigned)tp->autr->next_probe_time,
2332 log_info("query_interval: %u", (unsigned)tp->autr->query_interval);
2333 log_info("retry_time: %u", (unsigned)tp->autr->retry_time);
2334 log_info("query_failed: %u", (unsigned)tp->autr->query_failed);
2336 for(ta=tp->autr->keys; ta; ta=ta->next) {
2344 struct trust_anchor* tp;
2346 RBTREE_FOR(tp, struct trust_anchor*, anchors->tree) {
2347 lock_basic_lock(&tp->lock);
2348 autr_debug_print_tp(tp);
2349 lock_basic_unlock(&tp->lock);
2373 /** probe a trust anchor DNSKEY and unlocks tp */
2375 probe_anchor(struct module_env* env, struct trust_anchor* tp)
2381 qinfo.qname = regional_alloc_init(env->scratch, tp->name, tp->namelen);
2386 qinfo.qname_len = tp->namelen;
2388 qinfo.qclass = tp->dclass;
2392 (int)tp->autr->next_probe_time - (int)*env->now);
2408 lock_basic_unlock(&tp->lock);
2428 struct trust_anchor* tp;
2439 tp = (struct trust_anchor*)el->key;
2440 lock_basic_lock(&tp->lock);
2443 if((time_t)tp->autr->next_probe_time > *env->now) {
2445 *next = (time_t)tp->autr->next_probe_time - *env->now;
2446 lock_basic_unlock(&tp->lock);
2452 (void)rbtree_delete(&env->anchors->autr->probe, tp);
2453 tp->autr->next_probe_time = calc_next_probe(env, tp->autr->retry_time);
2454 (void)rbtree_insert(&env->anchors->autr->probe, &tp->autr->pnode);
2457 return tp;
2463 struct trust_anchor* tp;
2469 while( (tp = todo_probe(env, &next_probe)) ) {
2471 probe_anchor(env, tp);