[ldns-users] ldns patch for ldns-verify-zone to take a time offset

Willem Toorop Willem at NLnetLabs.nl
Tue Nov 1 22:24:23 UTC 2011


Paul,

I faced the same problem when implementing a way to be able to specify
how things should be converted to string; The output formats. You either
have to do what you did (however with different function names so we
don't break the API) or use a cover channel (carry the check_time in the
rrsigs, or in the keys) but that is too weird, or use a global (
	void dns_set_time_func(time_t (*time_func)(time_t *))
and maybe also
	time_t (*ldns_get_time_func())(time_t *)
). But globals are considered bad practise and also issues with thread
safety arise.

I am not sure what to do. Similar needs might arise in the future. A
global modifiable configuration for ldns would be convenient. On the
other hand, the API currently does not use (configurable) globals. It
would be more in the style of the current API to pass the check_time
down. It would also make explicit which functions eventually test
against "current" time.

-- Willem

Op 01-11-11 18:32, Paul Wouters schreef:
> 
> Hi,
> 
> While investigating a dnssec-signzone bug, I had the need to verify
> signed zones in the future. Unfortunately, ldns-verify-zone did not
> support it. I wrote a patch, but it bleeds changes over the entire ldns
> API because we keep needing to pass the time offset around.
> 
> The patch uses uint32_t because that was already used internally, though
> I think it
> should really use time_t.
> 
> Perhaps the ldns authors can come up with a less invasive patch? Or if
> they deem this
> is the right fix, accept it and bump the SO version.
> 
> Paul
> 
> 
> _______________________________________________
> ldns-users mailing list
> ldns-users at open.nlnetlabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/ldns-users



More information about the ldns-users mailing list