*/
#pragma once
#include "dnsrecords.hh"
+#include "dnspacket.hh"
#include <string>
#include <vector>
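Review bot: The added `#include "dnspacket.hh"` pulls a full class definition into this header, although the only use visible here is the pointer parameter in the `addRRSigs` declaration, for which a forward declaration is enough: `class DNSPacket;`. The same applies to the second header in this commit, where the include is added and the existing `class DNSPacket;` after the `DNSSECKeeper` class is removed. Moving that forward declaration above the class would let the `getPreRRSIGs` declaration compile without widening the include graph of every file that includes these headers. This assumes no other declaration in either header needs the complete type, which the hunks do not show.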
void incrementHash(std::string& raw);
void decrementHash(std::string& raw);
-void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const std::set<DNSName>& authMap, vector<DNSZoneRecord>& rrs);
+void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const std::set<DNSName>& authMap, vector<DNSZoneRecord>& rrs, DNSPacket* p=nullptr);
void addTSIG(DNSPacketWriter& pw, TSIGRecordContent& trc, const DNSName& tsigkeyname, const string& tsigsecret, const string& tsigprevious, bool timersonly);
bool validateTSIG(const std::string& packet, size_t sigPos, const TSIGTriplet& tt, const TSIGRecordContent& trc, const std::string& previousMAC, const std::string& theirMAC, bool timersOnly, unsigned int dnsHeaderOffset=0);
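Review bot: The new `DNSPacket* p=nullptr` parameter on `addRRSigs` has no comment saying what the packet is for or that it may be null, and the one-letter name gives no hint. Going by the other hunks, it is only passed through `addSignature` to `DNSSECKeeper::getPreRRSIGs` on the presigned path. A one-line comment above the declaration would cover it, e.g. `// p: optional packet, forwarded to DNSSECKeeper::getPreRRSIGs for presigned zones; may be nullptr`. The `getPreRRSIGs` declaration gains the same defaulted parameter and would benefit from the same comment.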
#include <boost/multi_index/sequenced_index.hpp>
#include "dnssecinfra.hh"
#include "dnsrecords.hh"
+#include "dnspacket.hh"
#include "ueberbackend.hh"
#include "lock.hh"
bool checkNSEC3PARAM(const NSEC3PARAMRecordContent& ns3p, string& msg);
bool setNSEC3PARAM(const DNSName& zname, const NSEC3PARAMRecordContent& n3p, const bool& narrow=false);
bool unsetNSEC3PARAM(const DNSName& zname);
- void getPreRRSIGs(UeberBackend& db, vector<DNSZoneRecord>& rrs, uint32_t signTTL);
+ void getPreRRSIGs(UeberBackend& db, vector<DNSZoneRecord>& rrs, uint32_t signTTL, DNSPacket* p=nullptr);
bool isPresigned(const DNSName& zname, bool useCache=true);
bool setPresigned(const DNSName& zname);
bool unsetPresigned(const DNSName& zname);
static size_t s_maxEntries;
};
-class DNSPacket;
uint32_t localtime_format_YYYYMMDDSS(time_t t, uint32_t seq);
// for SOA-EDIT
uint32_t calculateEditSOA(uint32_t old_serial, DNSSECKeeper& dk, const DNSName& zonename);
// this is the entrypoint from DNSPacket
static void addSignature(DNSSECKeeper& dk, UeberBackend& db, const DNSName& signer, const DNSName& signQName, const DNSName& wildcardname, uint16_t signQType,
uint32_t signTTL, DNSResourceRecord::Place signPlace,
- sortedRecords_t& toSign, vector<DNSZoneRecord>& outsigned, uint32_t origTTL)
+ sortedRecords_t& toSign, vector<DNSZoneRecord>& outsigned, uint32_t origTTL, DNSPacket* p)
{
//cerr<<"Asked to sign '"<<signQName<<"'|"<<DNSRecordContent::NumberToType(signQType)<<", "<<toSign.size()<<" records\n";
if(toSign.empty())
vector<RRSIGRecordContent> rrcs;
if(dk.isPresigned(signer)) {
//cerr<<"Doing presignatures"<<endl;
- dk.getPreRRSIGs(db, outsigned, origTTL); // does it all
+ dk.getPreRRSIGs(db, outsigned, origTTL, p); // does it all
}
else {
if(getRRSIGsForRRSET(dk, signer, wildcardname.countLabels() ? wildcardname : signQName, signQType, signTTL, toSign, rrcs) < 0) {
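Review bot: `p` can be null at the `dk.getPreRRSIGs(db, outsigned, origTTL, p)` call, because `addRRSigs` defaults it to `nullptr` and any caller that was not updated keeps using that default. The body of `getPreRRSIGs` is not part of these hunks, so it should be confirmed that it only forwards the pointer or checks it before dereferencing. An unguarded `p->` there would presumably turn answering for a presigned zone into a null dereference in the signing path. If the callee does rely on the packet, a guard such as `if (p != nullptr)` around that use is the minimal fix. `addSignature` starts before this hunk and continues after it.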
return false;
}
-void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const set<DNSName>& authSet, vector<DNSZoneRecord>& rrs)
+void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const set<DNSName>& authSet, vector<DNSZoneRecord>& rrs, DNSPacket* p)
{
stable_sort(rrs.begin(), rrs.end(), rrsigncomp);
for(auto pos = rrs.cbegin(); pos != rrs.cend(); ++pos) {
if(pos != rrs.cbegin() && (signQType != pos->dr.d_type || signQName != pos->dr.d_name)) {
if (getBestAuthFromSet(authSet, authQName, signer))
- addSignature(dk, db, signer, signQName, wildcardQName, signQType, signTTL, signPlace, toSign, signedRecords, origTTL);
+ addSignature(dk, db, signer, signQName, wildcardQName, signQType, signTTL, signPlace, toSign, signedRecords, origTTL, p);
}
signedRecords.push_back(*pos);
signQName = pos->dr.d_name.makeLowerCase();
}
}
if (getBestAuthFromSet(authSet, authQName, signer))
- addSignature(dk, db, signer, signQName, wildcardQName, signQType, signTTL, signPlace, toSign, signedRecords, origTTL);
+ addSignature(dk, db, signer, signQName, wildcardQName, signQType, signTTL, signPlace, toSign, signedRecords, origTTL, p);
rrs.swap(signedRecords);
}