val_get_rrset(3) get DNSSEC-validated resource record


#include <validator/validator.h>
struct val_answer_chain {
val_status_t val_ans_status;
char *val_ans_name;
int val_ans_class;
int val_ans_type;
struct rr_rec *val_ans;
struct val_answer_chain *val_ans_next;
struct rr_rec {
size_t rr_length;
unsigned char *rr_data;
struct rr_rec *rr_next;
int val_get_rrset(val_context_t *ctx,
const char *name,
int class,
int type,
unsigned int flags,
struct val_answer_chain **answers);

void val_free_answer_chain(struct val_answer_chain *answers);


val_get_rrset() performs DNSSEC validation for the given DNS name, class and type. It returns the DNSSEC validation status for the resource record set, but does not return any authentication chain details. If the authentication chain details are required, the val_resolve_and_check() function must be used instead.

val_get_rrset() returns its results in the val_answer_chain structure. The memory for this structure is allocated by val_get_rrset; the user must release this memory after use using the val_free_answer_chain() function.

The RRsets in the response are returned in the val_answer_chain structure. The val_ans_name member contains the DNS name of the actual resource record set returned. This value may differ from the value passed as the name argument to val_get_rrset() if the resource record was returned after following a CNAME or DNAME alias. val_ans_name and val_ans_type contains the actual class and type for the returned resource record. These values may differ from the values passed as arguments to val_get_rrset() if the query type or class has the value 255 (ANY). The resource record set is returned in val_ansas a linked list of rr_length and rr_data tuples, for data returned in each resource record of the resource record set. val_ans may be NULL if the name is non-existant.

val_ans_status gives the combined validation status value for the the given RRset. val_istrusted() and val_isvalidated() can be used to determine the trustworthiness of data and p_val_status() can be used to display the status value to the user in ASCII format (See libval(3) more for information).

The ctx parameter specifies the validation context, which can be set to NULL for default values (see libval(3) and dnsval.conf for more details on validation contexts and validation policy).


The val_get_rrset() function returns 0 on success and one of the error codes defined in libval(3) on failure.


Copyright 2004-2013 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.


Suresh Krishnaswamy