ldns_zone *
ldns_zone_sign_nsec3(ldns_zone *zone, ldns_key_list *key_list, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt)
{
ldns_dnssec_zone *dnssec_zone;
ldns_zone *signed_zone;
ldns_rr_list *new_rrs;
size_t i;
signed_zone = ldns_zone_new();
dnssec_zone = ldns_dnssec_zone_new();
(void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(zone));
ldns_zone_set_soa(signed_zone, ldns_zone_soa(zone));
for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) {
(void) ldns_dnssec_zone_add_rr(dnssec_zone,
ldns_rr_list_rr(ldns_zone_rrs(zone),
i));
ldns_zone_push_rr(signed_zone,
ldns_rr_clone(ldns_rr_list_rr(ldns_zone_rrs(zone),
i)));
}
new_rrs = ldns_rr_list_new();
(void) ldns_dnssec_zone_sign_nsec3(dnssec_zone,
new_rrs,
key_list,
ldns_dnssec_default_replace_signatures,
NULL,
algorithm,
flags,
iterations,
salt_length,
salt);
for (i = 0; i < ldns_rr_list_rr_count(new_rrs); i++) {
ldns_rr_list_push_rr(ldns_zone_rrs(signed_zone),
ldns_rr_clone(ldns_rr_list_rr(new_rrs, i)));
}
ldns_rr_list_deep_free(new_rrs);
ldns_dnssec_zone_free(dnssec_zone);
return signed_zone;
}
ldns_zone *
ldns_zone_sign(const ldns_zone *zone, ldns_key_list *key_list)
{
ldns_dnssec_zone *dnssec_zone;
ldns_zone *signed_zone;
ldns_rr_list *new_rrs;
size_t i;
signed_zone = ldns_zone_new();
dnssec_zone = ldns_dnssec_zone_new();
(void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(zone));
ldns_zone_set_soa(signed_zone, ldns_zone_soa(zone));
for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) {
(void) ldns_dnssec_zone_add_rr(dnssec_zone,
ldns_rr_list_rr(ldns_zone_rrs(zone),
i));
ldns_zone_push_rr(signed_zone,
ldns_rr_clone(ldns_rr_list_rr(ldns_zone_rrs(zone),
i)));
}
new_rrs = ldns_rr_list_new();
(void) ldns_dnssec_zone_sign(dnssec_zone,
new_rrs,
key_list,
ldns_dnssec_default_replace_signatures,
NULL);
for (i = 0; i < ldns_rr_list_rr_count(new_rrs); i++) {
ldns_rr_list_push_rr(ldns_zone_rrs(signed_zone),
ldns_rr_clone(ldns_rr_list_rr(new_rrs, i)));
}
ldns_rr_list_deep_free(new_rrs);
ldns_dnssec_zone_free(dnssec_zone);
return signed_zone;
}
ldns_status
ldns_zone_new_frm_fp_l(ldns_zone **z, FILE *fp, ldns_rdf *origin, uint32_t ttl, ldns_rr_class c,
int *line_nr)
{
ldns_zone *newzone;
ldns_rr *rr;
uint32_t my_ttl = ttl;
ldns_rr_class my_class = c;
ldns_rr *last_rr = NULL;
ldns_rdf *my_origin;
ldns_rdf *my_prev;
bool soa_seen = false; /* 2 soa are an error */
ldns_status s;
newzone = ldns_zone_new();
my_origin = origin;
my_ttl = ttl;
my_class = c;
if (origin) {
my_origin = ldns_rdf_clone(origin);
/* also set the prev */
my_prev = ldns_rdf_clone(origin);
} else {
my_origin = NULL;
my_prev = NULL;
}
while(!feof(fp)) {
s = ldns_rr_new_frm_fp_l(&rr, fp, &my_ttl, &my_origin, &my_prev, line_nr);
switch (s) {
case LDNS_STATUS_OK:
if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
if (soa_seen) {
/* second SOA
* just skip, maybe we want to say
* something??? */
ldns_rr_free(rr);
continue;
}
soa_seen = true;
ldns_zone_set_soa(newzone, rr);
/* set origin to soa if not specified */
if (!my_origin) {
my_origin = ldns_rdf_clone(ldns_rr_owner(rr));
}
continue;
}
/* a normal RR - as sofar the DNS is normal */
last_rr = rr;
if (!ldns_zone_push_rr(newzone, rr)) {
if (my_origin) {
ldns_rdf_deep_free(my_origin);
}
ldns_zone_free(newzone);
return LDNS_STATUS_MEM_ERR;
}
/*my_origin = ldns_rr_owner(rr);*/
my_ttl = ldns_rr_ttl(rr);
my_class = ldns_rr_get_class(rr);
case LDNS_STATUS_SYNTAX_EMPTY:
/* empty line was seen */
case LDNS_STATUS_SYNTAX_TTL:
/* the function set the ttl */
break;
case LDNS_STATUS_SYNTAX_ORIGIN:
/* the function set the origin */
break;
default:
ldns_zone_free(newzone);
return s;
}
}
if (my_origin) {
ldns_rdf_deep_free(my_origin);
}
if (my_prev) {
ldns_rdf_deep_free(my_prev);
}
if (z) {
*z = newzone;
}
return LDNS_STATUS_OK;
}
