]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
0d2cd476 LP |
2 | #pragma once |
3 | ||
0d2cd476 LP |
4 | typedef struct DnsTrustAnchor DnsTrustAnchor; |
5 | ||
6 | #include "hashmap.h" | |
7 | #include "resolved-dns-answer.h" | |
8 | #include "resolved-dns-rr.h" | |
9 | ||
10 | /* This contains a fixed database mapping domain names to DS or DNSKEY records. */ | |
11 | ||
12 | struct DnsTrustAnchor { | |
8e54f5d9 LP |
13 | Hashmap *positive_by_key; |
14 | Set *negative_by_name; | |
c9c72065 | 15 | Set *revoked_by_rr; |
0d2cd476 LP |
16 | }; |
17 | ||
18 | int dns_trust_anchor_load(DnsTrustAnchor *d); | |
19 | void dns_trust_anchor_flush(DnsTrustAnchor *d); | |
20 | ||
8e54f5d9 LP |
21 | int dns_trust_anchor_lookup_positive(DnsTrustAnchor *d, const DnsResourceKey* key, DnsAnswer **answer); |
22 | int dns_trust_anchor_lookup_negative(DnsTrustAnchor *d, const char *name); | |
0c857028 | 23 | |
d424da2a | 24 | int dns_trust_anchor_check_revoked(DnsTrustAnchor *d, DnsResourceRecord *dnskey, DnsAnswer *rrs); |
c9c72065 | 25 | int dns_trust_anchor_is_revoked(DnsTrustAnchor *d, DnsResourceRecord *rr); |