isc_result_t
dns_dsdigest_fromtext(dns_dsdigest_t *dsdigestp, isc_textregion_t *source);
/*%<
- * Convert the text 'source' refers to into a DS/DLV digest type value.
+ * Convert the text 'source' refers to into a DS digest type value.
* The text may contain either a mnemonic digest name or a decimal
* digest number.
*
isc_result_t
dns_dsdigest_totext(dns_dsdigest_t dsdigest, isc_buffer_t *target);
/*%<
- * Put a textual representation of the DS/DLV digest type 'dsdigest'
+ * Put a textual representation of the DS digest type 'dsdigest'
* into 'target'.
*
* Requires:
void
dns_resolver_reset_ds_digests(dns_resolver_t *resolver);
/*%<
- * Clear the disabled DS/DLV digest types.
+ * Clear the disabled DS digest types.
*/
isc_result_t
dns_resolver_disable_ds_digest(dns_resolver_t *resolver,
const dns_name_t *name, unsigned int digest_type);
/*%<
- * Mark the given DS/DLV digest type as disabled and below 'name'.
+ * Mark the given DS digest type as disabled and below 'name'.
* Valid types are less than 256.
*
* Returns:
dns_fixedname_t nearest;
dns_fixedname_t closest;
ISC_LINK(dns_validator_t) link;
- dns_rdataset_t dlv;
- dns_fixedname_t dlvsep;
- bool havedlvsep;
- bool mustbesecure;
- unsigned int dlvlabels;
+ bool mustbesecure;
unsigned int depth;
unsigned int authcount;
unsigned int authfail;
/*%
* dns_validator_create() options.
*/
-#define DNS_VALIDATOR_DLV 0x0001U
+/* obsolete: #define DNS_VALIDATOR_DLV 0x0001U */
#define DNS_VALIDATOR_DEFER 0x0002U
#define DNS_VALIDATOR_NOCDFLAG 0x0004U
#define DNS_VALIDATOR_NONTA 0x0008U /*% Ignore NTA table */
* Its 'result' field will be ISC_R_SUCCESS iff the
* response was successfully proven to be either secure or
* part of a known insecure domain.
- *
- * options:
- * If DNS_VALIDATOR_DLV is set the caller knows there is not a
- * trusted key and the validator should immediately attempt to validate
- * the answer by looking for an appropriate DLV RRset.
*/
void
bool rootdelonly;
dns_namelist_t * rootexclude;
bool checknames;
- dns_name_t * dlv;
- dns_fixedname_t dlv_fixed;
uint16_t maxudp;
dns_ttl_t staleanswerttl;
dns_stale_answer_t staleanswersok; /* rndc setting */
if (result != ISC_R_SUCCESS) {
secure_domain = false;
}
- if (res->view->dlv != NULL) {
- secure_domain = true;
- }
-
if (secure_domain ||
(ISFORWARDER(query->addrinfo) && ntacovered))
{
result = isc_time_nowplusinterval(&expire, &i);
if (badcache &&
(fctx->type == dns_rdatatype_dnskey ||
- fctx->type == dns_rdatatype_dlv ||
fctx->type == dns_rdatatype_ds) &&
result == ISC_R_SUCCESS)
dns_resolver_addbadcache(res, &fctx->name,
tresult = isc_time_nowplusinterval(&expire, &i);
if (negative &&
(fctx->type == dns_rdatatype_dnskey ||
- fctx->type == dns_rdatatype_dlv ||
fctx->type == dns_rdatatype_ds) &&
tresult == ISC_R_SUCCESS)
dns_resolver_addbadcache(res, &fctx->name,
if (result != ISC_R_SUCCESS) {
return (result);
}
-
- if (!secure_domain && res->view->dlv != NULL) {
- valoptions |= DNS_VALIDATOR_DLV;
- secure_domain = true;
- }
}
if ((fctx->options & DNS_FETCHOPT_NOCDFLAG) != 0) {
now, checknta, NULL, &secure_domain);
if (result != ISC_R_SUCCESS)
return (result);
-
- if (!secure_domain && res->view->dlv != NULL) {
- valoptions |= DNS_VALIDATOR_DLV;
- secure_domain = true;
- }
}
if ((fctx->options & DNS_FETCHOPT_NOCDFLAG) != 0)
view->dstport = 53;
view->preferred_glue = 0;
view->flush = false;
- view->dlv = NULL;
view->maxudp = 0;
view->staleanswerttl = 1;
view->staleanswersok = dns_stale_answer_conf;
view->maxbits = 0;
view->rpzs = NULL;
view->catzs = NULL;
- dns_fixedname_init(&view->dlv_fixed);
view->managed_keys = NULL;
view->redirect = NULL;
view->redirectzone = NULL;
projects / thirdparty / bind9.git / commitdiff
