<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <title>unbound: val_env Struct Reference</title> <link href="tabs.css" rel="stylesheet" type="text/css"> <link href="doxygen.css" rel="stylesheet" type="text/css"> </head><body> <!-- Generated by Doxygen 1.5.9 --> <div class="navigation" id="top"> <div class="tabs"> <ul> <li><a href="index.html"><span>Main Page</span></a></li> <li class="current"><a href="annotated.html"><span>Data Structures</span></a></li> <li><a href="files.html"><span>Files</span></a></li> <li><a href="dirs.html"><span>Directories</span></a></li> </ul> </div> <div class="tabs"> <ul> <li><a href="annotated.html"><span>Data Structures</span></a></li> <li><a href="classes.html"><span>Data Structure Index</span></a></li> <li><a href="functions.html"><span>Data Fields</span></a></li> </ul> </div> </div> <div class="contents"> <h1>val_env Struct Reference</h1><!-- doxytag: class="val_env" -->Global state for the validator. <a href="#_details">More...</a> <p> <code>#include <validator.h></code> <p> <table border="0" cellpadding="0" cellspacing="0"> <tr><td></td></tr> <tr><td colspan="2"><br><h2>Data Fields</h2></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">struct <a class="el" href="structkey__cache.html">key_cache</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#37a3025611f82e5acef6c9df0816c689">kcache</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">key cache; these are validated keys. <a href="#37a3025611f82e5acef6c9df0816c689"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">struct <a class="el" href="structval__neg__cache.html">val_neg_cache</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#cc8e41be5626e36ae425a07c6d0886d1">neg_cache</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">aggressive negative cache. <a href="#cc8e41be5626e36ae425a07c6d0886d1"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">int32_t </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#3cd616adcc9ac9fc38ebc233be650915">date_override</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">for debug testing a fixed validation date can be entered. <a href="#3cd616adcc9ac9fc38ebc233be650915"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="ec945139bf86ada1442897e9c782d069"></a><!-- doxytag: member="val_env::skew_min" ref="ec945139bf86ada1442897e9c782d069" args="" --> int32_t </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#ec945139bf86ada1442897e9c782d069">skew_min</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">clock skew min for signatures <br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="0b5db2fb1c765c8b5ffa432d752880d0"></a><!-- doxytag: member="val_env::skew_max" ref="0b5db2fb1c765c8b5ffa432d752880d0" args="" --> int32_t </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#0b5db2fb1c765c8b5ffa432d752880d0">skew_max</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">clock skew max for signatures <br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">uint32_t </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#fdc97db59cdb9c6a4a6632e2f03cbe4f">bogus_ttl</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">TTL for bogus data; used instead of untrusted TTL from data. <a href="#fdc97db59cdb9c6a4a6632e2f03cbe4f"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="b57dd2275b7f45529c94431e91219e68"></a><!-- doxytag: member="val_env::clean_additional" ref="b57dd2275b7f45529c94431e91219e68" args="" --> int </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#b57dd2275b7f45529c94431e91219e68">clean_additional</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">If set, the validator should clean the additional section of secure messages. <br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#b6228725cc3defb031ef5e1a26ef8bf1">permissive_mode</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">If set, the validator will not make messages bogus, instead indeterminate is issued, so that no clients receive SERVFAIL. <a href="#b6228725cc3defb031ef5e1a26ef8bf1"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#f6218b248dc2a09d28e8c48c8b6344b1">nsec3_keyiter_count</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">Number of entries in the NSEC3 maximum iteration count table. <a href="#f6218b248dc2a09d28e8c48c8b6344b1"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">size_t * </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#038508f689c5b1bbee50c144e1e3b7b6">nsec3_keysize</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">NSEC3 maximum iteration count per signing key size. <a href="#038508f689c5b1bbee50c144e1e3b7b6"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top">size_t * </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#f481a5fe350a00c025c3dc8cd63c43e3">nsec3_maxiter</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">NSEC3 maximum iteration count per signing key size. <a href="#f481a5fe350a00c025c3dc8cd63c43e3"></a><br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="46c792e241badc739b881d89b7eac45d"></a><!-- doxytag: member="val_env::bogus_lock" ref="46c792e241badc739b881d89b7eac45d" args="" --> lock_basic_t </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#46c792e241badc739b881d89b7eac45d">bogus_lock</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">lock on bogus counter <br></td></tr> <tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="16e6b9f176723bf6556367f79a51e807"></a><!-- doxytag: member="val_env::num_rrset_bogus" ref="16e6b9f176723bf6556367f79a51e807" args="" --> size_t </td><td class="memItemRight" valign="bottom"><a class="el" href="structval__env.html#16e6b9f176723bf6556367f79a51e807">num_rrset_bogus</a></td></tr> <tr><td class="mdescLeft"> </td><td class="mdescRight">number of times rrsets marked bogus <br></td></tr> </table> <hr><a name="_details"></a><h2>Detailed Description</h2> Global state for the validator. <hr><h2>Field Documentation</h2> <a class="anchor" name="37a3025611f82e5acef6c9df0816c689"></a><!-- doxytag: member="val_env::kcache" ref="37a3025611f82e5acef6c9df0816c689" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">struct <a class="el" href="structkey__cache.html">key_cache</a>* <a class="el" href="structval__env.html#37a3025611f82e5acef6c9df0816c689">val_env::kcache</a><code> [read]</code> </td> </tr> </table> </div> <div class="memdoc"> <p> key cache; these are validated keys. <p> trusted keys only end up here after being primed. <p>Referenced by <a class="el" href="remote_8c_source.html#l01165">do_flush_zone()</a>, <a class="el" href="validator_8c_source.html#l02045">primeResponseToKE()</a>, <a class="el" href="validator_8c_source.html#l02358">process_dnskey_response()</a>, <a class="el" href="validator_8c_source.html#l01158">processInit()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, <a class="el" href="validator_8c_source.html#l00172">val_deinit()</a>, and <a class="el" href="validator_8c_source.html#l02582">val_get_mem()</a>.</p> </div> </div><p> <a class="anchor" name="cc8e41be5626e36ae425a07c6d0886d1"></a><!-- doxytag: member="val_env::neg_cache" ref="cc8e41be5626e36ae425a07c6d0886d1" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">struct <a class="el" href="structval__neg__cache.html">val_neg_cache</a>* <a class="el" href="structval__env.html#cc8e41be5626e36ae425a07c6d0886d1">val_env::neg_cache</a><code> [read]</code> </td> </tr> </table> </div> <div class="memdoc"> <p> aggressive negative cache. <p> index into NSECs in rrset cache. <p>Referenced by <a class="el" href="validator_8c_source.html#l02453">process_dlv_response()</a>, <a class="el" href="validator_8c_source.html#l01837">processDLVLookup()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, <a class="el" href="validator_8c_source.html#l00172">val_deinit()</a>, <a class="el" href="validator_8c_source.html#l01605">val_dlv_init()</a>, and <a class="el" href="validator_8c_source.html#l02582">val_get_mem()</a>.</p> </div> </div><p> <a class="anchor" name="3cd616adcc9ac9fc38ebc233be650915"></a><!-- doxytag: member="val_env::date_override" ref="3cd616adcc9ac9fc38ebc233be650915" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int32_t <a class="el" href="structval__env.html#3cd616adcc9ac9fc38ebc233be650915">val_env::date_override</a> </td> </tr> </table> </div> <div class="memdoc"> <p> for debug testing a fixed validation date can be entered. <p> if 0, current time is used for rrsig validation <p>Referenced by <a class="el" href="val__sigcrypt_8c_source.html#l01100">adjust_ttl()</a>, <a class="el" href="val__sigcrypt_8c_source.html#l01048">check_dates()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, and <a class="el" href="unitverify_8c_source.html#l00257">verifytest_file()</a>.</p> </div> </div><p> <a class="anchor" name="fdc97db59cdb9c6a4a6632e2f03cbe4f"></a><!-- doxytag: member="val_env::bogus_ttl" ref="fdc97db59cdb9c6a4a6632e2f03cbe4f" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">uint32_t <a class="el" href="structval__env.html#fdc97db59cdb9c6a4a6632e2f03cbe4f">val_env::bogus_ttl</a> </td> </tr> </table> </div> <div class="memdoc"> <p> TTL for bogus data; used instead of untrusted TTL from data. <p> Bogus data will not be verified more often than this interval. seconds. <p>Referenced by <a class="el" href="validator_8c_source.html#l01720">processFinished()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, and <a class="el" href="val__utils_8c_source.html#l00305">val_verify_rrset()</a>.</p> </div> </div><p> <a class="anchor" name="b6228725cc3defb031ef5e1a26ef8bf1"></a><!-- doxytag: member="val_env::permissive_mode" ref="b6228725cc3defb031ef5e1a26ef8bf1" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int <a class="el" href="structval__env.html#b6228725cc3defb031ef5e1a26ef8bf1">val_env::permissive_mode</a> </td> </tr> </table> </div> <div class="memdoc"> <p> If set, the validator will not make messages bogus, instead indeterminate is issued, so that no clients receive SERVFAIL. <p> This allows an operator to run validation 'shadow' without hurting responses to clients. <p>Referenced by <a class="el" href="validator_8c_source.html#l01720">processFinished()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, and <a class="el" href="validator_8c_source.html#l00150">val_init()</a>.</p> </div> </div><p> <a class="anchor" name="f6218b248dc2a09d28e8c48c8b6344b1"></a><!-- doxytag: member="val_env::nsec3_keyiter_count" ref="f6218b248dc2a09d28e8c48c8b6344b1" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int <a class="el" href="structval__env.html#f6218b248dc2a09d28e8c48c8b6344b1">val_env::nsec3_keyiter_count</a> </td> </tr> </table> </div> <div class="memdoc"> <p> Number of entries in the NSEC3 maximum iteration count table. <p> Keep this table short, and sorted by size <p>Referenced by <a class="el" href="val__nsec3_8c_source.html#l00448">get_max_iter()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, and <a class="el" href="validator_8c_source.html#l02582">val_get_mem()</a>.</p> </div> </div><p> <a class="anchor" name="038508f689c5b1bbee50c144e1e3b7b6"></a><!-- doxytag: member="val_env::nsec3_keysize" ref="038508f689c5b1bbee50c144e1e3b7b6" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">size_t* <a class="el" href="structval__env.html#038508f689c5b1bbee50c144e1e3b7b6">val_env::nsec3_keysize</a> </td> </tr> </table> </div> <div class="memdoc"> <p> NSEC3 maximum iteration count per signing key size. <p> This array contains key size values (in increasing order) <p>Referenced by <a class="el" href="validator_8c_source.html#l00062">fill_nsec3_iter()</a>, and <a class="el" href="validator_8c_source.html#l00172">val_deinit()</a>.</p> </div> </div><p> <a class="anchor" name="f481a5fe350a00c025c3dc8cd63c43e3"></a><!-- doxytag: member="val_env::nsec3_maxiter" ref="f481a5fe350a00c025c3dc8cd63c43e3" args="" --> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">size_t* <a class="el" href="structval__env.html#f481a5fe350a00c025c3dc8cd63c43e3">val_env::nsec3_maxiter</a> </td> </tr> </table> </div> <div class="memdoc"> <p> NSEC3 maximum iteration count per signing key size. <p> This array contains the maximum iteration count for the keysize in the keysize array. <p>Referenced by <a class="el" href="validator_8c_source.html#l00062">fill_nsec3_iter()</a>, <a class="el" href="val__nsec3_8c_source.html#l00448">get_max_iter()</a>, <a class="el" href="validator_8c_source.html#l00101">val_apply_cfg()</a>, and <a class="el" href="validator_8c_source.html#l00172">val_deinit()</a>.</p> </div> </div><p> <hr>The documentation for this struct was generated from the following file:<ul> <li>validator/<a class="el" href="validator_8h.html">validator.h</a></ul> </div> <hr size="1"><address style="text-align: right;"><small>Generated on Tue Oct 13 06:46:34 2009 for unbound by <a href="http://www.doxygen.org/index.html"> <img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.9 </small></address> </body> </html>