From f449f278dd3c70e479a035f50a9bb817a9b433ba Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 17:24:08 +0200
Subject: Adding upstream version 3.2.6.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/knot/dnssec/nsec3-chain.h | 69 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 src/knot/dnssec/nsec3-chain.h

(limited to 'src/knot/dnssec/nsec3-chain.h')

diff --git a/src/knot/dnssec/nsec3-chain.h b/src/knot/dnssec/nsec3-chain.h
new file mode 100644
index 0000000..5b3708f
--- /dev/null
+++ b/src/knot/dnssec/nsec3-chain.h
@@ -0,0 +1,69 @@
+/*  Copyright (C) 2020 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include <stdint.h>
+#include "libdnssec/nsec.h"
+#include "knot/updates/changesets.h"
+#include "knot/updates/zone-update.h"
+#include "knot/zone/contents.h"
+
+/*!
+ * \brief delete_nsec3_chain   Delete all NSEC3 records and their RRSIGs.
+ */
+int delete_nsec3_chain(zone_update_t *up);
+
+/*!
+ * \brief Creates new NSEC3 chain, add differences from current into a changeset.
+ *
+ * \param zone       Zone to be checked.
+ * \param params     NSEC3 parameters.
+ * \param ttl        TTL for new records.
+ * \param update     Zone update to stare immediate changes into.
+ *
+ * \return KNOT_E*
+ */
+int knot_nsec3_create_chain(const zone_contents_t *zone,
+                            const dnssec_nsec3_params_t *params,
+                            uint32_t ttl,
+                            zone_update_t *update);
+
+/*!
+ * \brief Updates zone's NSEC3 chain to follow the differences in zone update.
+ *
+ * \param update     Zone Update structure holding the zone and its update. Also modified!
+ * \param params     NSEC3 parameters.
+ * \param ttl        TTL for new records.
+ *
+ * \retval KNOT_ENORECORD if the chain must be recreated from scratch.
+ * \return KNOT_E*
+ */
+int knot_nsec3_fix_chain(zone_update_t *update,
+                         const dnssec_nsec3_params_t *params,
+                         uint32_t ttl);
+
+/*!
+ * \brief Validate NSEC3 chain in new_cont as whole.
+ *
+ * \note new_cont must have been adjusted already!
+ */
+int knot_nsec3_check_chain(zone_update_t *update, const dnssec_nsec3_params_t *params);
+
+/*!
+ * \brief Validate NSEC3 chain in new_cont incrementally.
+ */
+int knot_nsec3_check_chain_fix(zone_update_t *update, const dnssec_nsec3_params_t *params);
-- 
cgit v1.2.3