summaryrefslogtreecommitdiff
path: root/validator/val_anchor.c
diff options
context:
space:
mode:
Diffstat (limited to 'validator/val_anchor.c')
-rw-r--r--validator/val_anchor.c36
1 files changed, 36 insertions, 0 deletions
diff --git a/validator/val_anchor.c b/validator/val_anchor.c
index 2a7e0beeb6c5..6c6322447d6d 100644
--- a/validator/val_anchor.c
+++ b/validator/val_anchor.c
@@ -1273,3 +1273,39 @@ anchors_delete_insecure(struct val_anchors* anchors, uint16_t c,
anchors_delfunc(&ta->node, NULL);
}
+/** compare two keytags, return -1, 0 or 1 */
+static int
+keytag_compare(const void* x, const void* y)
+{
+ if(*(uint16_t*)x == *(uint16_t*)y)
+ return 0;
+ if(*(uint16_t*)x > *(uint16_t*)y)
+ return 1;
+ return -1;
+}
+
+size_t
+anchor_list_keytags(struct trust_anchor* ta, uint16_t* list, size_t num)
+{
+ size_t i, ret = 0;
+ if(ta->numDS == 0 && ta->numDNSKEY == 0)
+ return 0; /* insecure point */
+ if(ta->numDS != 0 && ta->ds_rrset) {
+ struct packed_rrset_data* d=(struct packed_rrset_data*)
+ ta->ds_rrset->entry.data;
+ for(i=0; i<d->count; i++) {
+ if(ret == num) continue;
+ list[ret++] = ds_get_keytag(ta->ds_rrset, i);
+ }
+ }
+ if(ta->numDNSKEY != 0 && ta->dnskey_rrset) {
+ struct packed_rrset_data* d=(struct packed_rrset_data*)
+ ta->dnskey_rrset->entry.data;
+ for(i=0; i<d->count; i++) {
+ if(ret == num) continue;
+ list[ret++] = dnskey_calc_keytag(ta->dnskey_rrset, i);
+ }
+ }
+ qsort(list, ret, sizeof(*list), keytag_compare);
+ return ret;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-11 15:56:01 +0000