-
-
Notifications
You must be signed in to change notification settings - Fork 2
tlsacheck.3
tlsacheck - query qmail-daned for TLSA domain verification
#include <tlsacheck.h>
int tlsacheck(char *ip, char *domain, char rbuf[2], void (*timeoutfn)(), void (*errfn)());
tlsacheck connects to qmail-daned(8) - TLSA verification daemon on the IP address ip port 1998, to query TLSA records for mx host domain. It uses UDP to send the domain name and expects a two byte response in rbuf. Clients like qmail-remote(8) can use this function to delegate DANE verification. IP address can also be of the form ip@port, to specify an alternate port.
You can use the command line program qdane(1) to test qmail-daned(8) protocol.
The arguments timeoutfn should be a user defined function to handle timeouts. The default timeout is 10 seconds, but can be changed by setting the DANETIMEOUT environment variable.
tlsacheck returns 1 for success and 0 for failure. rbuf[1] can be one of the following
RECORD_NEW 0
RECORD_WHITE 1
RECORD_OK 2
RECORD_NOVRFY 3
RECORD_FAIL 4
RECORD_OLD 5