NAME¶
val_getaddrinfo() - get DNSSEC-validated network address and service translation
SYNOPSIS¶
#include <validator.h>
int val_getaddrinfo(const struct val_context *ctx,
const char *nodename,
const char *servname,
const struct addrinfo *hints,
struct addrinfo **res,
val_status_t * val_status);
int val_getnameinfo(val_context_t * ctx,
const struct sockaddr *sa,
socklen_t salen,
char *host,
size_t hostlen,
char *serv,
size_t servlen,
int flags,
val_status_t * val_status);
DESCRIPTION¶
val_getaddrinfo() and
val_getnameinfo perform DNSSEC
validation of DNS queries. They are intended to be DNSSEC-aware replacements
for
getaddrinfo(3) and
getnameinfo(3).
val_getaddrinfo() returns a network address value of type
struct addrinfo in the
res parameter.
val_getnameinfo is used to convert a
sockaddr structure to a
pair of host name and service strings.
val_status gives the combined validation status value for all answers
returned by the each of the functions.
val_istrusted()
and
val_isvalidated() can be used to determine the
trustworthiness of data and
p_val_status() can be used to
display the status value to the user in ASCII format (See
libval(3) more for information).
The
ctx parameter specifies the validation context, which can be set to
NULL for default values (see
libval(3) and
dnsval.conf for more details on validation contexts and validation
policy).
The
nodename,
servname, and
hints parameters have similar
syntax and semantics as the corresponding parameters for the original
getaddrinfo() function. The
res parameter is
similar to the
res parameter for
getaddrinfo().
Please see the manual page for
getaddrinfo(3) for more
details about these parameters.
RETURN VALUES¶
The
val_getaddrinfo() function returns 0 on success and a
non-zero error code on failure.
*res will point to a dynamically
allocated linked list of
addrinfo structures on success and will be
NULL if no answer was available.
The
val_status parameter gives an indication for trustworthiness of data.
If
*res is NULL, this value gives an indication of whether the
non-existence of data can be trusted or not.
EXAMPLE¶
#include <stdio.h>
#include <stdlib.h>
#include <validator.h>
int main(int argc, char *argv[])
{
struct addrinfo *ainfo = NULL;
int retval;
if (argc < 2) {
printf("Usage: %s <hostname>\n", argv[0]);
exit(1);
}
retval = val_getaddrinfo(NULL, argv[1], NULL, NULL, &ainfo);
if ((retval == 0) && (ainfo != NULL)) {
printf("Validation Status = %d [%s]\n",
ainfo->ai_val_status,
p_val_status(ainfo->ai_val_status));
val_freeaddrinfo(ainfo);
}
return 0;
}
COPYRIGHT¶
Copyright 2004-2013 SPARTA, Inc. All rights reserved. See the COPYING file
included with the DNSSEC-Tools package for details.
AUTHORS¶
Abhijit Hayatnagarkar, Michael Baer
SEE ALSO¶
getaddrinfo(3)
val_gethostbyname(3),
val_res_query(3)
libval(3)
http://www.dnssec-tools.org