.ad l .TH ldns 3 "30 May 2006" .SH NAME ldns_dnssec_zone_sign, ldns_dnssec_zone_sign_nsec3, ldns_dnssec_zone_mark_glue, ldns_dnssec_name_node_next_nonglue, ldns_dnssec_zone_create_nsecs, ldns_dnssec_remove_signatures, ldns_dnssec_zone_create_rrsigs \- sign ldns_dnssec_zone .SH SYNOPSIS #include .br #include .br .PP #include .PP ldns_status ldns_dnssec_zone_sign(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg); .PP ldns_status ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt); .PP ldns_dnssec_zone_mark_glue(); .PP ldns_rbnode_t* ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node); .PP ldns_status ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs); .PP ldns_dnssec_rrs* ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signatures, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg); .PP ldns_status ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void*), void *arg); .PP .SH DESCRIPTION .HP \fIldns_dnssec_zone_sign\fR() signs the given zone with the given keys \.br \fBzone\fR: the zone to sign \.br \fBkey_list\fR: the list of keys to sign the zone with \.br \fBnew_rrs\fR: newly created resource records are added to this list, to free them later \.br \fBfunc\fR: callback function that decides what to do with old signatures This function takes an ldns_rr* and an optional void *arg argument, and returns one of four values: \%LDNS_SIGNATURE_LEAVE_ADD_NEW: leave the signature and add a new one for the corresponding key \%LDNS_SIGNATURE_REMOVE_ADD_NEW: remove the signature and replace is with a new one from the same key \%LDNS_SIGNATURE_LEAVE_NO_ADD: leave the signature and do not add a new one with the corresponding key \%LDNS_SIGNATURE_REMOVE_NO_ADD: remove the signature and do not replace \.br \fBarg\fR: optional argument for the callback function \.br Returns \%LDNS_STATUS_OK on success, an error code otherwise .PP .HP \fIldns_dnssec_zone_sign_nsec3\fR() signs the given zone with the given new zone, with NSEC3 \.br \fBzone\fR: the zone to sign \.br \fBkey_list\fR: the list of keys to sign the zone with \.br \fBnew_rrs\fR: newly created resource records are added to this list, to free them later \.br \fBfunc\fR: callback function that decides what to do with old signatures \.br \fBarg\fR: optional argument for the callback function \.br \fBalgorithm\fR: the NSEC3 hashing algorithm to use \.br \fBflags\fR: NSEC3 flags \.br \fBiterations\fR: the number of NSEC3 hash iterations to use \.br \fBsalt_length\fR: the length (in octets) of the NSEC3 salt \.br \fBsalt\fR: the NSEC3 salt data \.br Returns \%LDNS_STATUS_OK on success, an error code otherwise .PP .HP \fIldns_dnssec_zone_mark_glue\fR() .PP .HP \fIldns_dnssec_name_node_next_nonglue\fR() Finds the first dnssec_name node in the rbtree that is not occluded. It *does* return names that are partially occluded. \.br \fBnode\fR: the first node to check \.br Returns the first node that has not been marked as glue, or \%NULL if not found (\%TODO: make that \%LDNS_RBTREE_NULL?) .PP .HP \fIldns_dnssec_zone_create_nsecs\fR() Adds \%NSEC records to the given dnssec_zone \.br \fBzone\fR: the zone to add the records to \.br \fBnew_rrs\fR: ldns_rr's created by this function are added to this rr list, so the caller can free them later \.br Returns \%LDNS_STATUS_OK on success, an error code otherwise .PP .HP \fIldns_dnssec_remove_signatures\fR() remove signatures if callback function tells to \.br \fBsignatures\fR: list of signatures to check, and possibly remove, depending on the value of the callback \.br \fBkey_list\fR: these are marked to be used or not, on the return value of the callback \.br \fBfunc\fR: this function is called to specify what to do with each signature (and corresponding key) \.br \fBarg\fR: Optional argument for the callback function \.br Returns s pointer to the new signatures rrs (the original passed to this function may have been removed) .PP .HP \fIldns_dnssec_zone_create_rrsigs\fR() Adds signatures to the zone \.br \fBzone\fR: the zone to add \%RRSIG Resource Records to \.br \fBnew_rrs\fR: the \%RRSIG RRs that are created are also added to this list, so the caller can free them later \.br \fBkey_list\fR: list of keys to sign with. \.br \fBfunc\fR: Callback function to decide what keys to use and what to do with old signatures \.br \fBarg\fR: Optional argument for the callback function \.br Returns \%LDNS_STATUS_OK on success, error otherwise .PP .SH AUTHOR The ldns team at NLnet Labs. .SH REPORTING BUGS Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at http://www.nlnetlabs.nl/bugs/index.html .SH COPYRIGHT Copyright (c) 2004 - 2006 NLnet Labs. .PP Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. .SH SEE ALSO \fIldns_dnssec_zone\fR. And \fBperldoc Net::DNS\fR, \fBRFC1034\fR, \fBRFC1035\fR, \fBRFC4033\fR, \fBRFC4034\fR and \fBRFC4035\fR. .SH REMARKS This manpage was automatically generated from the ldns source code.