2014-04-24 09:13:19 -05:00
|
|
|
.\" The "BSD-New" License
|
|
|
|
.\"
|
|
|
|
.\" Copyright (c) 2013, NLnet Labs, Verisign, Inc.
|
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions are met:
|
|
|
|
.\" * Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" * Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\" * Neither the names of the copyright holders nor the
|
|
|
|
.\" names of its contributors may be used to endorse or promote products
|
|
|
|
.\" derived from this software without specific prior written permission.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
|
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
.\" DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY
|
|
|
|
.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
|
|
.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
|
.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
|
|
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
.\"
|
|
|
|
|
|
|
|
.TH getdns_root_trust_anchor 3 "@date@" "getdns @version@" getdns
|
|
|
|
.SH NAME
|
|
|
|
.B getdns_root_trust_anchor
|
2014-11-10 08:50:45 -06:00
|
|
|
-- return the getdns list of default root trust anchors
|
2014-04-24 09:13:19 -05:00
|
|
|
|
|
|
|
.SH LIBRARY
|
|
|
|
DNS Resolver library (libgetdns, -lgetdns)
|
|
|
|
|
|
|
|
.SH SYNOPSIS
|
|
|
|
#include <getdns.h>
|
|
|
|
|
|
|
|
getdns_list *
|
|
|
|
.br
|
|
|
|
.B getdns_root_trust_anchor
|
|
|
|
(time_t *utc_date_of_anchor)
|
|
|
|
|
|
|
|
.SH DESCRIPTION
|
|
|
|
|
|
|
|
.LP
|
|
|
|
If an application wants the API to perform DNSSEC validation without using the
|
|
|
|
extensions, it can use the getdns_validate_dnssec() helper function. The API
|
|
|
|
will use the resource records in bundle_of_support_records to construct the
|
|
|
|
validation chain and the DNSKEY or DS records in trust_anchor_records as trust
|
|
|
|
anchors. The default list of trust anchor records that is used by the library
|
|
|
|
to validate DNSSEC can be retrieved by using the getdns_root_trust_anchor
|
|
|
|
helper function.
|
|
|
|
|
|
|
|
.HP 3
|
|
|
|
.I utc_date_of_anchor
|
|
|
|
time the trust anchors were obtained in epoch seconds (on success)
|
|
|
|
|
|
|
|
.HP
|
|
|
|
.SH "RETURN VALUES"
|
|
|
|
|
|
|
|
Returns the default list of trust anchor records used by the library to validate DNSSEC or NULL if no default trust anchors are available.
|
|
|
|
|
|
|
|
.SH EXAMPLES
|
|
|
|
|
|
|
|
TBD
|
|
|
|
|
|
|
|
.SH SEE ALSO
|
|
|
|
.BR getdns_validate_dnssec (3)
|
|
|
|
.BR libgetdns (3)
|
|
|
|
|