From: Miek Gieben
Date: Tue, 1 Mar 2005 15:00:17 +0000 (+0000)
Subject: not much
X-Git-Tag: release-0.50~320
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=81bdcbdec92e3f2fe6ea1e406fd41d8634c6a3c1;p=thirdparty%2Fldns.git

not much

---
diff --git a/TODO b/TODO
index 4321ae6c..20543c8c 100644
--- a/TODO
+++ b/TODO
@@ -12,8 +12,9 @@ o network code
 - tsig?
 o DNSSEC
 - signing
+ - do we call random()?
 o Make a shared library and test compile some programs
-o Thread safety
+o Thread safety, strtok is used
 o ssl autoconf
 o create a bunch of small programs:
 mx
@@ -21,7 +22,6 @@ o create a bunch of small programs: host ? - Documentation: -------------- o Crypto interface for dnssec
diff --git a/dnssec.c b/dnssec.c
index 9fd4d01d..b0da2448 100644
--- a/dnssec.c
+++ b/dnssec.c
@@ -414,6 +414,25 @@ ldns_key_buf2rsa(ldns_buffer *key)
 ldns_rr_list *
 ldns_sign(ldns_rr_list *ATTR_UNUSED(rrset), ldns_rr_list *ATTR_UNUSED(keys))
 {
+ /* how to sign
+ * - create the correct openSSL keys from the keys
+ * - sort and extract the original ttl from the rrset
+ * - type covered, labels, wildcards?!?!
+ * - inception, expiration?!?!
+ *
+ * signature = sign(RRSIG_RDATA | RR(1) | RR(2)... )
+ */
+
+ /* create a hash and sign that??? */
+#if 0
+ int RSA_sign(NID_sha1 | NID_md5, unsigned char *m, unsigned int m_len,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+
+ int DSA_sign(int type, const unsigned char *dgst, int len,
+ unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+#endif
+
+ /* convert the sigstuff to base64 ... */
 return NULL;
 }
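Review bot: The `#if 0` sketch inside `ldns_sign` writes the digest selector as `NID_sha1 | NID_md5`, but OpenSSL NIDs are plain object identifiers, not bit flags, so OR-ing them names an unrelated object; the note should say that exactly one NID is chosen per key algorithm, e.g. `/* type: NID_sha1 for RSASHA1; NID_md5 only for legacy RSAMD5 */`. Both `RSA_sign` and `DSA_sign` take an already-computed digest in `m`/`dgst`, which answers the "create a hash and sign that???" question and is worth stating in the comment so the eventual implementation does not hand raw RRset wire data to the signing call. Because the function still returns NULL unconditionally, a caller cannot tell "not implemented" from a signing failure; a line such as `/* TODO: not implemented, always returns NULL */` directly above the `return` would make that explicit. MD5 is a weak digest for new signatures and is better kept out of whatever default the implementation ends up with.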