"Fossies" - the Fresh Open Source Software Archive

Member "bind-9.16.7/lib/dns/include/dns/keymgr.h" (4 Sep 2020, 2928 Bytes) of package /linux/misc/dns/bind9/9.16.7/bind-9.16.7.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "keymgr.h" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 9.16.6_vs_9.16.7.

    1 /*
    2  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
    3  *
    4  * This Source Code Form is subject to the terms of the Mozilla Public
    5  * License, v. 2.0. If a copy of the MPL was not distributed with this
    6  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
    7  *
    8  * See the COPYRIGHT file distributed with this work for additional
    9  * information regarding copyright ownership.
   10  */
   11 
   12 #ifndef DNS_KEYMGR_H
   13 #define DNS_KEYMGR_H 1
   14 
   15 /*! \file dns/keymgr.h */
   16 
   17 #include <isc/lang.h>
   18 #include <isc/stdtime.h>
   19 
   20 #include <dns/types.h>
   21 
   22 #include <dst/dst.h>
   23 
   24 ISC_LANG_BEGINDECLS
   25 
   26 isc_result_t
   27 dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass,
   28            const char *directory, isc_mem_t *mctx,
   29            dns_dnsseckeylist_t *keyring, dns_kasp_t *kasp,
   30            isc_stdtime_t now, isc_stdtime_t *nexttime);
   31 /*%<
   32  * Manage keys in 'keylist' and update timing data according to 'kasp' policy.
   33  * Create new keys for 'origin' if necessary in 'directory'.  Append all such
   34  * keys, along with use hints gleaned from their metadata, onto 'keylist'.
   35  *
   36  * Update key states and store changes back to disk. Store when to run next
   37  * in 'nexttime'.
   38  *
   39  *  Requires:
   40  *\li       'origin' is a valid FQDN.
   41  *\li       'mctx' is a valid memory context.
   42  *\li       'keyring' is not NULL.
   43  *\li       'kasp' is not NULL.
   44  *
   45  *  Returns:
   46  *\li       #ISC_R_SUCCESS
   47  *\li       any error returned by dst_key_generate(), isc_dir_open(),
   48  *      dst_key_to_file(), or dns_dnsseckey_create().
   49  *
   50  *  Ensures:
   51  *\li       On error, keypool is unchanged
   52  */
   53 
   54 isc_result_t
   55 dns_keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
   56            const char *directory, isc_stdtime_t now, bool dspublish);
   57 isc_result_t
   58 dns_keymgr_checkds_id(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
   59               const char *directory, isc_stdtime_t now, bool dspublish,
   60               dns_keytag_t id, unsigned int algorithm);
   61 /*%<
   62  * Check DS for one key in 'keyring'. The key must have the KSK role.
   63  * If 'dspublish' is set to true, set the DS Publish time to 'now'.
   64  * If 'dspublish' is set to false, set the DS Removed time to 'now'.
   65  * If a specific key 'id' is given it must match the keytag.
   66  * If the 'algorithm' is non-zero, it must match the key's algorithm.
   67  * The result is stored in the key state file.
   68  *
   69  *  Requires:
   70  *\li       'kasp' is not NULL.
   71  *\li       'keyring' is not NULL.
   72  *
   73  *  Returns:
   74  *\li       #ISC_R_SUCCESS (No error).
   75  *\li       #ISC_R_FAILURE (More than one matching KSK found).
   76  *\li       #ISC_R_NOTFOUND (No matching KSK found).
   77  *
   78  */
   79 
   80 void
   81 dns_keymgr_status(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
   82           isc_stdtime_t now, char *out, size_t out_len);
   83 /*%<
   84  * Retrieve the status of given 'kasp' policy and keys in the
   85  * 'keyring' and store the printable output in the 'out' buffer.
   86  *
   87  *  Requires:
   88  *\li       'kasp' is not NULL.
   89  *\li       'keyring' is not NULL.
   90  *\li       'out' is not NULL.
   91  *
   92  *  Returns:
   93  *\li       Printable status in 'out'.
   94  *
   95  */
   96 
   97 ISC_LANG_ENDDECLS
   98 
   99 #endif /* DNS_KEYMGR_H */