1
2getdns_validate_dnssec(3)           getdns           getdns_validate_dnssec(3)
3
4
5

NAME

7       getdns_validate_dnssec -- DNSSEC validate a given getdns record
8
9

LIBRARY

11       DNS Resolver library (libgetdns, -lgetdns)
12
13

SYNOPSIS

15       #include <getdns.h>
16
17       getdns_return_t
18       getdns_validate_dnssec (getdns_list *record_to_validate,
19          getdns_list *bundle_of_support_records,
20          getdns_list *trust_anchor_records)
21
22

DESCRIPTION

24       If  an  application  wants the API to perform DNSSEC validation without
25       using the extensions, it can use  the  getdns_validate_dnssec()  helper
26       function.  The  API  will  use  the  resource records in bundle_of_sup‐
27       port_records to construct the validation chain and  the  DNSKEY  or  DS
28       records  in  trust_anchor_records as trust anchors. The default list of
29       trust anchor records that is used by the library to validate DNSSEC can
30       be retrieved by using the getdns_root_trust_anchor helper function.
31
32
33       record_to_validate the resource record being validated
34
35
36       bundle_of_support_records  records  used  to  construct  the validation
37          chain
38
39
40       trust_anchor_records trust anchor records to use for the validation
41
42
43
44

RETURN VALUES

46       GETDNS_DNSSEC_BOGUS the DNSSEC signature is bogus
47
48       GETDNS_DNSSEC_INDETERMINATE validation could not be completed
49
50       GETDNS_DNSSEC_INSECURE one or more pieces of the validation  chain  are
51       demonstrably incorrect
52
53       GETDNS_DNSSEC_SECURE validation succeeded
54
55       GETDNS_RETURN_MEMORY_ERROR an attempt to allocate memory failed
56
57

EXAMPLES

59       TBD
60
61

SEE ALSO

63       getdns_root_trust_anchor(3) libgetdns(3)
64
65
66
67
68getdns 1.5.2                     December 2015       getdns_validate_dnssec(3)
Impressum