Lines Matching refs:anchors
39 * This file contains storage for the trust anchors for the validator.
114 /** destroy locks in tree and delete autotrust anchors */
140 anchors_delete(struct val_anchors* anchors)
142 if(!anchors)
144 lock_unprotect(&anchors->lock, anchors->autr);
145 lock_unprotect(&anchors->lock, anchors);
146 lock_basic_destroy(&anchors->lock);
147 if(anchors->tree)
148 traverse_postorder(anchors->tree, anchors_delfunc, NULL);
149 free(anchors->tree);
150 autr_global_delete(anchors->autr);
151 free(anchors);
155 anchors_init_parents_locked(struct val_anchors* anchors)
161 RBTREE_FOR(node, struct trust_anchor*, anchors->tree) {
189 init_parents(struct val_anchors* anchors)
191 lock_basic_lock(&anchors->lock);
192 anchors_init_parents_locked(anchors);
193 lock_basic_unlock(&anchors->lock);
197 anchor_find(struct val_anchors* anchors, uint8_t* name, int namelabs,
208 lock_basic_lock(&anchors->lock);
209 n = rbtree_search(anchors->tree, &key);
213 lock_basic_unlock(&anchors->lock);
221 anchor_new_ta(struct val_anchors* anchors, uint8_t* name, int namelabs,
243 lock_basic_lock(&anchors->lock);
250 rbtree_insert(anchors->tree, &ta->node);
252 lock_basic_unlock(&anchors->lock);
294 * @param anchors: anchor storage.
304 anchor_store_new_key(struct val_anchors* anchors, uint8_t* name, uint16_t type,
317 ta = anchor_find(anchors, name, namelabs, namelen, dclass);
319 ta = anchor_new_ta(anchors, name, namelabs, namelen, dclass, 1);
350 * @param anchors: anchor storage.
357 anchor_store_new_rr(struct val_anchors* anchors, uint8_t* rr, size_t rl,
361 if(!(ta=anchor_store_new_key(anchors, rr,
376 * @param anchors: anchor storage.
381 anchor_insert_insecure(struct val_anchors* anchors, const char* str)
390 ta = anchor_store_new_key(anchors, nm, LDNS_RR_TYPE_DS,
397 anchor_store_str(struct val_anchors* anchors, sldns_buffer* buffer,
411 if(!(ta=anchor_store_new_rr(anchors, rr, len, dname_len))) {
419 * Read a file with trust anchors
420 * @param anchors: anchor storage.
427 anchor_read_file(struct val_anchors* anchors, sldns_buffer* buffer,
462 if(!(tanew=anchor_store_new_rr(anchors, rr, len, dname_len))) {
479 /* empty file is OK when multiple anchors are allowed */
632 * @param anchors: where to store keys
639 process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf,
691 if(!anchor_store_str(anchors, buf, str)) {
730 * Read a BIND9 like file with trust anchors in named.conf format.
731 * @param anchors: anchor storage.
737 anchor_read_bind_file(struct val_anchors* anchors, sldns_buffer* buffer,
763 if(!process_bind_contents(anchors, buffer, &line_nr, in)) {
780 * Read a BIND9 like files with trust anchors in named.conf format.
782 * @param anchors: anchor storage.
788 anchor_read_bind_file_wild(struct val_anchors* anchors, sldns_buffer* buffer,
797 return anchor_read_bind_file(anchors, buffer, pat);
837 if(!anchor_read_bind_file(anchors, buffer, g.gl_pathv[i])) {
847 return anchor_read_bind_file(anchors, buffer, pat);
953 * @return number of DS anchors with unsupported algorithms.
970 * @return number of DNSKEY anchors with unsupported algorithms.
985 * Assemble the rrsets in the anchors, ready for use by validator.
986 * @param anchors: trust anchor storage.
990 anchors_assemble_rrsets(struct val_anchors* anchors)
995 lock_basic_lock(&anchors->lock);
996 ta=(struct trust_anchor*)rbtree_first(anchors->tree);
1008 lock_basic_unlock(&anchors->lock);
1035 (void)rbtree_delete(anchors->tree, &ta->node);
1044 lock_basic_unlock(&anchors->lock);
1049 anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg)
1061 if(!anchor_insert_insecure(anchors, *zstr)) {
1071 if(!anchor_insert_insecure(anchors, f->str)) {
1084 if(!anchor_read_file(anchors, parsebuf, nm, 0)) {
1097 if(!anchor_read_bind_file_wild(anchors, parsebuf, nm)) {
1106 if(!anchor_store_str(anchors, parsebuf, f->str)) {
1112 /* do autr last, so that it sees what anchors are filled by other
1121 if(!autr_read_file(anchors, nm)) {
1128 /* first assemble, since it may delete useless anchors */
1129 anchors_assemble_rrsets(anchors);
1130 init_parents(anchors);
1132 if(verbosity >= VERB_ALGO) autr_debug_print(anchors);
1137 anchors_lookup(struct val_anchors* anchors,
1148 lock_basic_lock(&anchors->lock);
1149 if(rbtree_find_less_equal(anchors->tree, &key, &res)) {
1157 lock_basic_unlock(&anchors->lock);
1172 lock_basic_unlock(&anchors->lock);
1194 anchors_get_mem(struct val_anchors* anchors)
1199 if(!anchors) return 0;
1200 s = sizeof(*anchors);
1201 lock_basic_lock(&anchors->lock);
1202 RBTREE_FOR(ta, struct trust_anchor*, anchors->tree) {
1222 lock_basic_unlock(&anchors->lock);
1227 anchors_add_insecure(struct val_anchors* anchors, uint16_t c, uint8_t* nm)
1234 lock_basic_lock(&anchors->lock);
1235 if(rbtree_search(anchors->tree, &key)) {
1236 lock_basic_unlock(&anchors->lock);
1240 if(!anchor_new_ta(anchors, nm, key.namelabs, key.namelen, c, 0)) {
1242 lock_basic_unlock(&anchors->lock);
1246 anchors_init_parents_locked(anchors);
1247 lock_basic_unlock(&anchors->lock);
1252 anchors_delete_insecure(struct val_anchors* anchors, uint16_t c,
1261 lock_basic_lock(&anchors->lock);
1262 if(!(ta=(struct trust_anchor*)rbtree_search(anchors->tree, &key))) {
1263 lock_basic_unlock(&anchors->lock);
1271 lock_basic_unlock(&anchors->lock);
1278 (void)rbtree_delete(anchors->tree, &ta->node);
1279 anchors_init_parents_locked(anchors);
1280 lock_basic_unlock(&anchors->lock);
1325 anchor_has_keytag(struct val_anchors* anchors, uint8_t* name, int namelabs,
1331 struct trust_anchor* anchor = anchor_find(anchors,
1366 anchors_find_any_noninsecure(struct val_anchors* anchors)
1369 lock_basic_lock(&anchors->lock);
1370 ta=(struct trust_anchor*)rbtree_first(anchors->tree);
1376 lock_basic_unlock(&anchors->lock);
1382 lock_basic_unlock(&anchors->lock);
1387 anchors_swap_tree(struct val_anchors* anchors, struct val_anchors* data)
1392 if(!anchors || !data)
1393 return; /* If anchors is NULL, there is no validation. */
1395 oldtree = anchors->tree;
1396 oldprobe = anchors->autr->probe;
1398 anchors->tree = data->tree;
1399 anchors->autr->probe = data->autr->probe;