NAME¶
val_get_rrset() - get DNSSEC-validated resource record information
SYNOPSIS¶
#include <validator.h>
struct val_answer_chain {
val_status_t val_ans_status;
char *val_ans_name;
int val_ans_class;
int val_ans_type;
struct rr_rec *val_ans;
struct val_answer_chain *val_ans_next;
};
struct rr_rec {
size_t rr_length;
unsigned char *rr_data;
struct rr_rec *rr_next;
};
int val_get_rrset(val_context_t *ctx,
const char *name,
int class,
int type,
unsigned int flags,
struct val_answer_chain **answers);
void val_free_answer_chain(struct val_answer_chain *answers);
DESCRIPTION¶
val_get_rrset() performs DNSSEC validation for the given
DNS name, class and type. It returns the DNSSEC validation status for the
resource record set, but does not return any authentication chain details. If
the authentication chain details are required, the
val_resolve_and_check() function must be used instead.
val_get_rrset() returns its results in the val_answer_chain
structure. The memory for this structure is allocated by val_get_rrset; the
user must release this memory after use using the
val_free_answer_chain() function.
The RRsets in the response are returned in the val_answer_chain structure. The
val_ans_name member contains the DNS name of the actual resource record set
returned. This value may differ from the value passed as the
name
argument to
val_get_rrset() if the resource record was returned after
following a CNAME or DNAME alias. val_ans_name and val_ans_type contains the
actual class and type for the returned resource record. These values may
differ from the values passed as arguments to
val_get_rrset() if the
query type or class has the value 255 (ANY). The resource record set is
returned in
val_ansas a linked list of rr_length and rr_data tuples,
for data returned in each resource record of the resource record set.
val_ans may be NULL if the name is non-existant.
val_ans_status gives the combined validation status value for the the
given RRset.
val_istrusted() and
val_isvalidated() can be used to determine the
trustworthiness of data and
p_val_status() can be used to
display the status value to the user in ASCII format (See
libval(3) more for information).
The
ctx parameter specifies the validation context, which can be set to
NULL for default values (see
libval(3) and
dnsval.conf for more details on validation contexts and validation
policy).
RETURN VALUES¶
The
val_get_rrset() function returns 0 on success and one
of the error codes defined in
libval(3) on failure.
COPYRIGHT¶
Copyright 2004-2013 SPARTA, Inc. All rights reserved. See the COPYING file
included with the DNSSEC-Tools package for details.
AUTHORS¶
Suresh Krishnaswamy
SEE ALSO¶
val_getaddrinfo(3)
val_gethostbyname(3),
val_res_query(3)
libval(3)
http://www.dnssec-tools.org