Lines Matching defs:nsec3param
794 dns_rdata_nsec3param_t nsec3param;
809 * 'nsec3param' contains the parameters of the NSEC3 chain being created
812 * 'salt' is buffer space and is referenced via 'nsec3param.salt'.
1097 typedef struct nsec3param nsec3param_t;
1098 struct nsec3param {
3585 zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param) {
3616 if (!nsec3ok && (nsec3param->flags & DNS_NSEC3FLAG_REMOVE) == 0) {
3632 nsec3chain->nsec3param.common.rdclass = nsec3param->common.rdclass;
3633 nsec3chain->nsec3param.common.rdtype = nsec3param->common.rdtype;
3634 nsec3chain->nsec3param.hash = nsec3param->hash;
3635 nsec3chain->nsec3param.iterations = nsec3param->iterations;
3636 nsec3chain->nsec3param.flags = nsec3param->flags;
3637 nsec3chain->nsec3param.salt_length = nsec3param->salt_length;
3638 memmove(nsec3chain->salt, nsec3param->salt, nsec3param->salt_length);
3639 nsec3chain->nsec3param.salt = nsec3chain->salt;
3647 if (nsec3param->flags == 0) {
3651 if ((nsec3param->flags & DNS_NSEC3FLAG_REMOVE) != 0) {
3654 if ((nsec3param->flags & DNS_NSEC3FLAG_INITIAL) != 0) {
3661 if ((nsec3param->flags & DNS_NSEC3FLAG_CREATE) != 0) {
3668 if ((nsec3param->flags & DNS_NSEC3FLAG_NONSEC) != 0) {
3675 if ((nsec3param->flags & DNS_NSEC3FLAG_OPTOUT) != 0) {
3683 result = dns_nsec3param_salttotext(nsec3param, saltbuf,
3687 nsec3param->hash, flags, nsec3param->iterations, saltbuf);
3698 (current->nsec3param.hash == nsec3param->hash) &&
3699 (current->nsec3param.iterations ==
3700 nsec3param->iterations) &&
3701 (current->nsec3param.salt_length ==
3702 nsec3param->salt_length) &&
3703 memcmp(current->nsec3param.salt, nsec3param->salt,
3704 nsec3param->salt_length) == 0)
3716 if ((nsec3chain->nsec3param.flags & DNS_NSEC3FLAG_CREATE) != 0) {
3775 dns_rdata_nsec3param_t nsec3param;
3837 result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
3839 if (((nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) ||
3840 ((nsec3param.flags & DNS_NSEC3FLAG_CREATE) != 0 && nsec3ok))
3847 result = zone_addnsec3chain(zone, &nsec3param);
3922 dns_rdata_nsec3param_t nsec3param;
3933 "nsec3param lookup failure: %s",
3950 "nsec3param lookup failure: %s",
3961 result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
3971 nsec3param.hash == DNS_NSEC3_UNKNOWNALG && !dynamic)
3976 nsec3param.hash);
3978 } else if (!dns_nsec3_supportedhash(nsec3param.hash)) {
3983 nsec3param.hash);
3992 nsec3param.hash);
4001 if (nsec3param.iterations > dns_nsec3_maxiterations()) {
4004 nsec3param.iterations,
7858 dns_rdata_nsec3param_t nsec3param;
7901 CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
7903 if (nsec3param.hash != chain->nsec3param.hash ||
7904 (active && nsec3param.flags != 0) ||
7905 nsec3param.iterations != chain->nsec3param.iterations ||
7906 nsec3param.salt_length != chain->nsec3param.salt_length ||
7907 memcmp(nsec3param.salt, chain->nsec3param.salt,
7908 nsec3param.salt_length))
7941 CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
7943 if (nsec3param.hash != chain->nsec3param.hash ||
7944 (active && nsec3param.flags != 0) ||
7945 nsec3param.iterations !=
7946 chain->nsec3param.iterations ||
7947 nsec3param.salt_length !=
7948 chain->nsec3param.salt_length ||
7949 memcmp(nsec3param.salt, chain->nsec3param.salt,
7950 nsec3param.salt_length))
7995 CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
7998 (nsec3param.flags & DNS_NSEC3FLAG_INITIAL) != 0) ||
7999 nsec3param.hash != chain->nsec3param.hash ||
8000 nsec3param.iterations != chain->nsec3param.iterations ||
8001 nsec3param.salt_length != chain->nsec3param.salt_length ||
8002 memcmp(nsec3param.salt, chain->nsec3param.salt,
8003 nsec3param.salt_length))
8018 if ((chain->nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) {
8027 * Note: we do not clear chain->nsec3param.flags as this change
8032 dns_rdatatype_nsec3param, &chain->nsec3param,
8447 if (NSEC3REMOVE(nsec3chain->nsec3param.flags)) {
8538 db, version, name, &nsec3chain->nsec3param,
8663 if (!NSEC3REMOVE(nsec3chain->nsec3param.flags)) {
8672 (nsec3chain->nsec3param.flags & DNS_NSEC3FLAG_NONSEC) == 0)
8675 &nsec3chain->nsec3param,
8717 &nsec3chain->nsec3param,
17128 nsec3param_t *nsec3param = NULL;
17154 * Walk nsec3param rdataset making a list of parameters (note that
17168 "looping through nsec3param data");
17169 nsec3param = isc_mem_get(zone->mctx, sizeof(nsec3param_t));
17170 ISC_LINK_INIT(nsec3param, link);
17174 * the nsec3param
17177 nsec3param->data,
17178 sizeof(nsec3param->data));
17179 nsec3param->length = private.length;
17180 ISC_LIST_APPEND(*nsec3list, nsec3param, link);
17204 "looping through nsec3param private data");
17242 nsec3param = isc_mem_get(zone->mctx, sizeof(nsec3param_t));
17243 ISC_LINK_INIT(nsec3param, link);
17249 INSIST(private.length <= sizeof(nsec3param->data));
17250 memmove(nsec3param->data, private.data, private.length);
17251 nsec3param->length = private.length;
17252 ISC_LIST_APPEND(*nsec3list, nsec3param, link);
20221 dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param) {
20227 result = dns_nsec3param_salttotext(nsec3param, salt, sizeof(salt));
20231 nsec3param->hash, nsec3param->iterations, salt);
20233 result = zone_addnsec3chain(zone, nsec3param);
22807 dns_rdata_nsec3param_t nsec3param;
22821 result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
22823 if (nsec3param.flags == 0) {
22827 result = zone_addnsec3chain(zone, &nsec3param);
23788 "setnsec3param:lookup nsec3param -> %s",
23973 dns_rdata_nsec3param_t nsec3param;
24019 result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
24024 if (nsec3param.hash != lookup->hash) {
24027 if (nsec3param.iterations != lookup->iterations) {
24030 if (nsec3param.salt_length != lookup->salt_length) {
24034 if (memcmp(nsec3param.salt, lookup->salt,
24042 param->hash = nsec3param.hash;
24043 param->flags = nsec3param.flags;
24044 param->iterations = nsec3param.iterations;
24045 param->salt_length = nsec3param.salt_length;
24046 param->salt = nsec3param.salt;
24118 * Called when an "rndc signing -nsec3param ..." command is received, or the
24124 * - if NSEC3 is to be disabled ("-nsec3param none"), only set the "nsec"
24186 *np = (struct nsec3param){