DragonFly On-Line Manual Pages

getdns_validate_dnssec(3)           getdns           getdns_validate_dnssec(3)

NAME
       getdns_validate_dnssec -- DNSSEC validate a given getdns record

LIBRARY
       DNS Resolver library (libgetdns, -lgetdns)

SYNOPSIS
       #include <getdns.h>

       getdns_return_t
       getdns_validate_dnssec (getdns_list *record_to_validate,
          getdns_list *bundle_of_support_records,
          getdns_list *trust_anchor_records)

DESCRIPTION
       If an application wants the API to perform DNSSEC validation without
       using the extensions, it can use the getdns_validate_dnssec() helper
       function. The API will use the resource records in
       bundle_of_support_records to construct the validation chain and the
       DNSKEY or DS records in trust_anchor_records as trust anchors. The
       default list of trust anchor records that is used by the library to
       validate DNSSEC can be retrieved by using the getdns_root_trust_anchor
       helper function.

       record_to_validate the resource record being validated

       bundle_of_support_records records used to construct the validation
          chain

       trust_anchor_records trust anchor records to use for the validation

RETURN VALUES
       GETDNS_DNSSEC_BOGUS the DNSSEC signature is bogus

       GETDNS_DNSSEC_INDETERMINATE validation could not be completed

       GETDNS_DNSSEC_INSECURE one or more pieces of the validation chain are
       demonstrably incorrect

       GETDNS_DNSSEC_SECURE validation succeeded

       GETDNS_RETURN_MEMORY_ERROR an attempt to allocate memory failed

EXAMPLES
       TBD

SEE ALSO
       getdns_root_trust_anchor(3) libgetdns(3)

getdns 0.9.0                     December 2015       getdns_validate_dnssec(3)