val_getaddrinfo(3) get DNSSEC-validated network

SYNOPSIS


#include <validator/validator.h>
int val_getaddrinfo(const struct val_context *ctx,
const char *nodename,
const char *servname,
const struct addrinfo *hints,
struct addrinfo **res,
val_status_t * val_status);
int val_getnameinfo(val_context_t * ctx,
const struct sockaddr *sa,
socklen_t salen,
char *host,
size_t hostlen,
char *serv,
size_t servlen,
int flags,
val_status_t * val_status);

DESCRIPTION

val_getaddrinfo() and val_getnameinfo perform DNSSEC validation of DNS queries. They are intended to be DNSSEC-aware replacements for getaddrinfo(3) and getnameinfo(3).

val_getaddrinfo() returns a network address value of type struct addrinfo in the res parameter. val_getnameinfo is used to convert a sockaddr structure to a pair of host name and service strings.

val_status gives the combined validation status value for all answers returned by the each of the functions. val_istrusted() and val_isvalidated() can be used to determine the trustworthiness of data and p_val_status() can be used to display the status value to the user in ASCII format (See libval(3) more for information).

The ctx parameter specifies the validation context, which can be set to NULL for default values (see libval(3) and dnsval.conf for more details on validation contexts and validation policy).

The nodename, servname, and hints parameters have similar syntax and semantics as the corresponding parameters for the original getaddrinfo() function. The res parameter is similar to the res parameter for getaddrinfo(). Please see the manual page for getaddrinfo(3) for more details about these parameters.

RETURN VALUES

The val_getaddrinfo() function returns 0 on success and a non-zero error code on failure. *res will point to a dynamically allocated linked list of addrinfo structures on success and will be NULL if no answer was available.

The val_status parameter gives an indication for trustworthiness of data. If *res is NULL, this value gives an indication of whether the non-existence of data can be trusted or not.

EXAMPLE

 #include <stdio.h>
 #include <stdlib.h>
 #include <validator.h>
 int main(int argc, char *argv[])
 {
          struct addrinfo *ainfo = NULL;
          int retval;
          if (argc < 2) {
                  printf("Usage: %s <hostname>\n", argv[0]);
                  exit(1);
          }
          retval = val_getaddrinfo(NULL, argv[1], NULL, NULL, &ainfo);
          if ((retval == 0) && (ainfo != NULL)) {
                  printf("Validation Status = %d [%s]\n",
                         ainfo->ai_val_status,
                         p_val_status(ainfo->ai_val_status));
                  val_freeaddrinfo(ainfo);
          }
          return 0;
 }

COPYRIGHT

Copyright 2004-2013 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.

AUTHORS

Abhijit Hayatnagarkar, Michael Baer