38 #define SE_MAX_RRTYPE_COUNT 65536
40 static const char* denial_str =
"denial";
52 if (!dname || !zoneptr) {
58 ods_log_error(
"[%s] unable to create denial: allocator_alloc() "
59 "failed", denial_str);
62 denial->
dname = dname;
63 denial->
zone = zoneptr;
78 denial_create_bitmap(
denial_type* denial, ldns_rr_type types[],
91 if (dstatus == LDNS_RR_TYPE_SOA) {
94 if (dstatus == LDNS_RR_TYPE_SOA ||
95 rrset->
rrtype == LDNS_RR_TYPE_NS ||
96 rrset->
rrtype == LDNS_RR_TYPE_DS) {
98 types[*types_count] = rrset->
rrtype;
99 *types_count = *types_count + 1;
113 denial_create_nsec3_nxt(ldns_rdf* nxt)
115 ldns_status status = LDNS_STATUS_OK;
116 ldns_rdf* next_owner_label = NULL;
117 ldns_rdf* next_owner_rdf = NULL;
118 char* next_owner_string = NULL;
121 next_owner_label = ldns_dname_label(nxt, 0);
122 if (!next_owner_label) {
124 "ldns_dname_label() failed", denial_str);
127 next_owner_string = ldns_rdf2str(next_owner_label);
128 if (!next_owner_string) {
130 "ldns_rdf2str() failed", denial_str);
131 ldns_rdf_deep_free(next_owner_label);
134 if (next_owner_string[strlen(next_owner_string)-1] ==
'.') {
135 next_owner_string[strlen(next_owner_string)-1] =
'\0';
137 status = ldns_str2rdf_b32_ext(&next_owner_rdf, next_owner_string);
138 if (status != LDNS_STATUS_OK) {
140 "ldns_str2rdf_b32_ext() failed", denial_str);
142 free((
void*)next_owner_string);
143 ldns_rdf_deep_free(next_owner_label);
144 return next_owner_rdf;
156 ldns_rr* nsec_rr = NULL;
157 ldns_rr_type rrtype = LDNS_RR_TYPE_NSEC;
158 ldns_rr_type dstatus = LDNS_RR_TYPE_FIRST;
159 ldns_rdf* rdf = NULL;
162 size_t types_count = 0;
168 nsec_rr = ldns_rr_new();
171 "ldns_rr_new() failed", denial_str);
176 rrtype = LDNS_RR_TYPE_NSEC3;
178 ldns_rr_set_type(nsec_rr, rrtype);
180 rdf = ldns_rdf_clone(denial->
dname);
183 "ldns_rdf_clone(owner) failed", denial_str);
184 ldns_rr_free(nsec_rr);
187 ldns_rr_set_owner(nsec_rr, rdf);
192 ldns_rr_push_rdf(nsec_rr, NULL);
199 rdf = denial_create_nsec3_nxt(nxt->
dname);
201 rdf = ldns_rdf_clone(nxt->
dname);
205 "create next field failed", denial_str);
206 ldns_rr_free(nsec_rr);
209 ldns_rr_push_rdf(nsec_rr, rdf);
211 denial_create_bitmap(denial, types, &types_count);
215 if (dstatus == LDNS_RR_TYPE_SOA) {
217 if (dstatus != LDNS_RR_TYPE_NS && domain->
rrsets) {
219 types[types_count] = LDNS_RR_TYPE_RRSIG;
225 types[types_count] = LDNS_RR_TYPE_RRSIG;
227 types[types_count] = LDNS_RR_TYPE_NSEC;
230 rdf = ldns_dnssec_create_nsec_bitmap(types, types_count, rrtype);
233 "ldns_dnssec_create_nsec_bitmap() failed", denial_str);
234 ldns_rr_free(nsec_rr);
237 ldns_rr_push_rdf(nsec_rr, rdf);
238 ldns_rr_set_ttl(nsec_rr, ttl);
239 ldns_rr_set_class(nsec_rr, klass);
251 if (denial && denial->
rrset) {
272 if (!denial->
rrset) {
278 if (!denial->
rrset) {
287 record->
owner = (
void*) denial;
302 ldns_rr* nsec_rr = NULL;
311 nsec_rr = denial_create_nsec(denial, nxt, zone->
default_ttl,
315 "failed", denial_str);
333 if (!denial || !fd) {
335 ods_log_crit(
"[%s] unable to print denial: denial of fd missing",
360 ldns_rdf_deep_free(denial->
dname);