1VAL_QUERY(1) User Contributed Perl Documentation VAL_QUERY(1)
2
6 val_query(), val_res_query(), val_res_search() - DNSSEC-validated reso‐
7 lution of DNS queries
8
10 #include <validator.h>
11 int val_query(const val_context_t *ctx,
13 const char *dname,
14 const u_int16_t class,
15 const u_int16_t type,
16 const u_int8_t flags,
17 struct val_response **resp);
18 int val_free_response(struct val_response *resp);
20 int val_res_query(const val_context_t *ctx,
22 const char *dname,
23 int class,
24 int type,
25 u_char *answer,
26 int anslen,
27 val_status_t *val_status);
28 int val_res_search(val_context_t * ctx,
30 const char *dname,
31 int class_h,
32 int type,
33 u_char * answer,
34 int anslen,
35 val_status_t * val_status);
36
38 The val_query() and val_res_query() functions perform DNSSEC valida‐
39 tion of DNS queries. They are DNSSEC-aware substitutes for
40 res_query(3). val_res_search() is a DNSSEC-aware substitute for the
41 res_search(3) function.
42 The ctx parameter is the validator context and can be set to NULL for
44 default settings. More information about this field can be found in
45 libval(3).
46 The dname parameter specifies the domain name, class specifies the DNS
48 class and type specifies the DNS type.
49 The val_query() function returns results in the resp linked list which
51 encapsulates the results into the following structure:
52 struct val_response
54 {
55 unsigned char *vr_response;
56 int vr_length;
57 val_status_t vr_val_status;
58 struct val_response *vr_next;
59 };
60 The vr_response and vr_length fields are functionally similar to the
62 answer and anslen parameters in res_query(3). Memory for the resp
63 linked list is internally allocated and must be released after a suc‐
64 cessful invocation of the function using the val_free_response() func‐
65 tion. Each element in the resp linked list will contain an answer cor‐
66 responding to a single RRSet in the DNS reply.
67 The validation status is returned in the vr_val_status field of the
69 val_response structure for that RRSet. p_val_status() returns a brief
70 string description of the error code. val_istrusted() determines if
71 the status code indicates that the response can be trusted and
72 val_isvalidated() determines if the status code indicates that the
73 response was validated. (See libval(3) for further information).
74 The flags parameter controls the scope of validation and name resolu‐
76 tion, and the output format. Three values, which may be ORed together,
77 are currently defined for this field. The VAL_QUERY_MERGE_RRSETS flag
78 is provided for applications that wish to merge all rrsets into a sin‐
79 gle response returned in the first element of the resp array. The
80 response field of this element will have a format similar to the answer
81 returned by res_query(3). The VAL_QUERY_DONT_VALIDATE flag causes the
82 validator to disable validation for this query, and the
83 VAL_QUERY_NO_DLV flag causes the validator to disable DLV processing
84 for this query. The last flag is only available if the libval(3)
85 library has been compiled with DLV support.
86 val_res_query() is provided as a closer substitute for res_query(3).
88 It calls val_query() internally with the VAL_QUERY_MERGE_RRSETS flag
89 and returns the answers in the field answer with length of anslen.
90 val_res_search() performs an operation similar to val_res_query(). In
92 addition, it uses the search paths specified within the
93 /etc/resolv.conf file to create the fully qualified domain name.
94 The validation status values for val_res_query() and val_res_search()
96 functions are returned in their respective val_status fields.
97
99 The val_query() function returns 0 on success. It invokes
100 resolve_n_check() internally and errors from this function may be
101 returned.
102 val_res_query() and val_res_search() return the number of bytes
104 received on success and -1 on failure.
105
107 #include <stdio.h>
108 #include <stdlib.h>
109 #include <strings.h>
110 #include <arpa/nameser.h>
111 #include <validator.h>
112 #define BUFLEN 8096
114 #define RESPCOUNT 3
115 int main(int argc, char *argv[])
117 {
118 int retval;
119 int i;
120 int class = ns_c_in;
121 int type = ns_t_a;
122 struct val_response *resp, *iter;
123 if (argc < 2) {
125 printf("Usage: %s <domain-name>\n", argv[0]);
126 exit(1);
127 }
128 retval = val_query(NULL, argv[1], class, type, 0, &resp);
130 if (retval == 0) {
132 for (iter=resp; iter; iter=iter->vr_next) {
133 printf("Validation Status = %d [%s]\n", iter->vr_val_status,
134 p_val_status(iter->vr_val_status));
135 }
136 }
137 free_val_response(resp);
139 return 0;
141 }
142
144 Copyright 2004-2007 SPARTA, Inc. All rights reserved. See the COPYING
145 file included with the DNSSEC-Tools package for details.
146
148 Abhijit Hayatnagarkar, Suresh Krishnaswamy, Robert Story.
149
151 res_query(3)
152 get_context(3), val_getaddrinfo(3), val_gethostbyname(3)
154 libval(3)
156 http://dnssec-tools.sourceforge.net
158perl v5.8.6 2007-09-11 VAL_QUERY(1)