1libval_shim(3)                Programmer's Manual               libval_shim(3)
2
3
4

NAME

6                             The Validator Shim Library
7

DESCRIPTION

9       The validator shim library (libval_shim.so) is a shared library
10       designed to be dynamically loaded using the 'LD_PRELOAD' mechanism
11       (ld.so(8)) supported on linux and various other unix-like platforms.
12       The shim library implements wrappers for a number of DNS related func‐
13       tions and in turn calls equivalent DNSSEC-aware validating functions
14       from libval(3), mapping the results to return codes recognized by the
15       original functions. In this way a wide variety of applications can be
16       made DNSSEC aware without code changes and recompilation.
17
18       The method of mapping return codes assumes that any 'untrusted' or
19       failure result from the libval(3) function is reflected as a failure to
20       the original calling function.
21
22       Usage:
23
24       To load the library set LD_PRELOAD variable within the environment of
25       the the target application prior to execution:
26
27       Validation Policy:
28
29       The validator shim library will create a policy context and cache it
30       for all subsequent libval(3) calls. A NULL policy label will be passed
31       to create the context. The policy is chosen according to rules defined
32       for libval(3).
33
34       See dnsval.conf(1) for information on policy labels and definition.
35
36       Logging:
37
38       Logging for the libval(3) functions may be enabled in the shim library
39       by setting an environment variable.
40
41       See validate(1) for specifics.
42

NOTES

44       setuid/setgid programs
45
46       setuid and setgid root programs (e.g., ping(8)) do not honor the
47       LD_PRELOAD setting. These application may still use the LD_PRELOAD
48       mechanism when run directly from a root shell.
49
51       Copyright 2004-2011 SPARTA, Inc.  All rights reserved.  See the COPYING
52       file included with the dnssec-tools package for details.
53

AUTHORS

55       G. S. Marzot
56

SEE ALSO

58       libsres(3), libval(3), dnsval.conf(1), gethostbyname(3)
59
60       gethostbyaddr(3), getnameinfo(3), getaddrinfo(3), res_query(3)
61
62
63
64perl v5.8.9                       2011-06-28                    libval_shim(3)
Impressum