From: Miek Gieben <miekg@NLnetLabs.nl>
Date: Wed, 24 May 2006 11:20:05 +0000 (+0000)
Subject: added DS validating function for use in secure tracing
X-Git-Tag: release-1.1.0~143
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=69e4e23cd8942518bde29e12aa3be2fc26076746;p=thirdparty%2Fldns.git

added DS validating function for use in secure tracing
---

diff --git a/drill/securetrace.c b/drill/securetrace.c
index 6d2c08ba..889d386c 100644
--- a/drill/securetrace.c
+++ b/drill/securetrace.c
@@ -13,6 +13,45 @@
 
 #define VAL " [VALIDATED]" 
 
+
+/* See if there is a key/ds in trusted that matches
+ * a ds in *ds. If so, we have a trusted path. If 
+ * not something is the matter
+ */
+ldns_rr_list *
+ds_key_match(ldns_rr_list *ds, ldns_rr_list *trusted)
+{
+	size_t i, j;
+	bool match;
+	ldns_rr *rr_i, *rr_j;
+	ldns_rr_list *trusted_ds;
+
+	match = false;
+	trusted_ds = ldns_rr_list_new();
+	if (!trusted_ds) {
+		return NULL;
+	}
+
+	for (i = 0; i < ldns_rr_list_rr_count(trusted); i++) {
+		rr_i = ldns_rr_list_rr(trusted, i);
+		for (j = 0; j < ldns_rr_list_rr_count(ds); j++) {
+			rr_j = ldns_rr_list_rr(ds, i);
+			if (ldns_rr_compare_ds(rr_i, rr_j)) {
+				match = true;
+				printf("MATCH! :-)\n");
+				ldns_rr_list_push_rr(trusted_ds, rr_j);
+			}
+		}
+	}
+
+	if (match) {
+		return trusted_ds;
+	} else {
+		return NULL;
+	}
+}
+
+
 /*
  * generic function to get some RRset from a nameserver
  * and possible some signatures too (that would be the day...)