not much

diff --git a/TODO b/TODO
index 4321ae6c1f4cf357f8cd44b41c8ec0d789c61c47..20543c8c5852f7435c6b0bab690c762dd18816a3 100644 (file)
--- a/TODO
+++ b/TODO
@@ -12,8 +12,9 @@ o network code
        - tsig?
 o DNSSEC
        - signing
+       - do we call random()?
 o Make a shared library and test compile some programs
-o Thread safety
+o Thread safety, strtok is used
 o ssl autoconf
 o create a bunch of small programs:
        mx 
@@ -21,7 +22,6 @@ o create a bunch of small programs:
        host
        ?
 
-
 Documentation:
 --------------
 o Crypto interface for dnssec

diff --git a/dnssec.c b/dnssec.c
index 9fd4d01db2ec65f6089b7d4ffd5f1e8b691968f0..b0da2448848f1e1f4bf9b308841d953bf4307bf9 100644 (file)
--- a/dnssec.c
+++ b/dnssec.c
@@ -414,6 +414,25 @@ ldns_key_buf2rsa(ldns_buffer *key)
 ldns_rr_list *
 ldns_sign(ldns_rr_list *ATTR_UNUSED(rrset), ldns_rr_list *ATTR_UNUSED(keys))
 {
+       /* how to sign
+        * - create the correct openSSL keys from the keys
+        * - sort and extract the original ttl from the rrset
+        * - type covered, labels, wildcards?!?!
+        * - inception, expiration?!?!
+        *
+        *  signature = sign(RRSIG_RDATA | RR(1) | RR(2)... ) 
+        */
+
+       /* create a hash and sign that??? */
+#if 0
+               int RSA_sign(NID_sha1 | NID_md5, unsigned char *m, unsigned int m_len,
+           unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+
+        int    DSA_sign(int type, const unsigned char *dgst, int len,
+                                              unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+#endif 
+
+       /* convert the sigstuff to base64 ... */
 
        return NULL;
 }