.TH ldns 3 "30 May 2006" .SH NAME ldns_dnssec_zone_sign, ldns_dnssec_zone_sign_nsec3, ldns_dnssec_zone_mark_glue, ldns_dnssec_name_node_next_nonglue, ldns_dnssec_zone_create_nsecs, ldns_dnssec_remove_signatures, ldns_dnssec_zone_create_rrsigs\- .SH SYNOPSIS #include .br #include .br .PP #include .PP ldns_status ldns_dnssec_zone_sign(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg); .PP ldns_status ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt); .PP ldns_dnssec_zone_mark_glue(); .PP ldns_rbnode_t* ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node); .PP ldns_status ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs); .PP ldns_dnssec_rrs* ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signatures, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg); .PP ldns_status ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void*), void *arg); .PP .SH DESCRIPTION .HP \fIldns_dnssec_zone_sign\fR() signs the given zone with the given keys \.br \fBzone\fR: the zone to sign \.br \fBkey_list\fR: the list of keys to sign the zone with \.br \fBnew_rrs\fR: newly created resource records are added to this list, to free them later \.br \fBfunc\fR: callback function that decides what to do with old signatures This function takes an ldns_rr* and an optional void *arg argument, and returns one of four values: \%LDNS_SIGNATURE_LEAVE_ADD_NEW: leave the signature and add a new one for the corresponding key \%LDNS_SIGNATURE_REMOVE_ADD_NEW: remove the signature and replace is with a new one from the same key \%LDNS_SIGNATURE_LEAVE_NO_ADD: leave the signature and do not add a new one with the corresponding key \%LDNS_SIGNATURE_REMOVE_NO_ADD: remove the signature and do not replace \.br \fBarg\fR: optional argument for the callback function \.br Returns \%LDNS_STATUS_OK on success, an error code otherwise .PP .HP \fIldns_dnssec_zone_sign_nsec3\fR() signs the given zone with the given new zone, with NSEC3 \.br \fBzone\fR: the zone to sign \.br \fBkey_list\fR: the list of keys to sign the zone with \.br \fBnew_rrs\fR: newly created resource records are added to this list, to free them later \.br \fBfunc\fR: callback function that decides what to do with old signatures \.br \fBarg\fR: optional argument for the callback function \.br \fBalgorithm\fR: the NSEC3 hashing algorithm to use \.br \fBflags\fR: NSEC3 flags \.br \fBiterations\fR: the number of NSEC3 hash iterations to use \.br \fBsalt_length\fR: the length (in octets) of the NSEC3 salt \.br \fBsalt\fR: the NSEC3 salt data \.br Returns \%LDNS_STATUS_OK on success, an error code otherwise .PP .HP \fIldns_dnssec_zone_mark_glue\fR() .PP .HP \fIldns_dnssec_name_node_next_nonglue\fR() Finds the first dnssec_name node in the rbtree that is not occluded. It *does* return names that are partially occluded. \.br \fBnode\fR: the first node to check \.br Returns the first node that has not been marked as glue, or \%NULL if not found (\%TODO: make that \%LDNS_RBTREE_NULL?) .PP .HP \fIldns_dnssec_zone_create_nsecs\fR() Adds \%NSEC records to the given dnssec_zone \.br \fBzone\fR: the zone to add the records to \.br \fBnew_rrs\fR: ldns_rr's created by this function are added to this rr list, so the caller can free them later \.br Returns \%LDNS_STATUS_OK on success, an error code otherwise .PP .HP \fIldns_dnssec_remove_signatures\fR() remove signatures if callback function tells to \.br \fBsignatures\fR: list of signatures to check, and possibly remove, depending on the value of the callback \.br \fBkey_list\fR: these are marked to be used or not, on the return value of the callback \.br \fBfunc\fR: this function is called to specify what to do with each signature (and corresponding key) \.br \fBarg\fR: Optional argument for the callback function \.br Returns s pointer to the new signatures rrs (the original passed to this function may have been removed) .PP .HP \fIldns_dnssec_zone_create_rrsigs\fR() Adds signatures to the zone \.br \fBzone\fR: the zone to add \%RRSIG Resource Records to \.br \fBnew_rrs\fR: the \%RRSIG RRs that are created are also added to this list, so the caller can free them later \.br \fBkey_list\fR: list of keys to sign with. \.br \fBfunc\fR: Callback function to decide what keys to use and what to do with old signatures \.br \fBarg\fR: Optional argument for the callback function \.br Returns \%LDNS_STATUS_OK on success, error otherwise .PP .SH AUTHOR The ldns team at NLnet Labs. Which consists out of Jelte Jansen and Miek Gieben. .SH REPORTING BUGS Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at http://www.nlnetlabs.nl/bugs/index.html .SH COPYRIGHT Copyright (c) 2004 - 2006 NLnet Labs. .PP Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. .SH SEE ALSO \fIldns_dnssec_zone\fR. And \fBperldoc Net::DNS\fR, \fBRFC1034\fR, \fBRFC1035\fR, \fBRFC4033\fR, \fBRFC4034\fR and \fBRFC4035\fR. .SH REMARKS This manpage was automaticly generated from the ldns source code by use of Doxygen and some perl.