Provided by: libval-dev_2.0-1.1ubuntu1_amd64 bug


                             The Validator Shim Library


       The validator shim library ( is a shared library designed to be dynamically
       loaded using the 'LD_PRELOAD' mechanism ( supported on linux and various other
       unix-like platforms. The shim library implements wrappers for a number of DNS related
       functions and in turn calls equivalent DNSSEC-aware validating functions from libval(3),
       mapping the results to return codes recognized by the original functions. In this way a
       wide variety of applications can be made DNSSEC aware without code changes and

       The method of mapping return codes assumes that any 'untrusted' or failure result from the
       libval(3) function is reflected as a failure to the original calling function.

       To load the library set LD_PRELOAD variable within the environment of the the target
       application prior to execution:

   Validation Policy:
       The validator shim library will create a policy context and cache it for all subsequent
       libval(3) calls. A NULL policy label will be passed to create the context. The policy is
       chosen according to rules defined for libval(3).

       See dnsval.conf(1) for information on policy labels and definition.

       Logging for the libval(3) functions may be enabled in the shim library by setting an
       environment variable.

       See dt-validate(1) for specifics.


   setuid/setgid programs
       setuid and setgid root programs (e.g., ping(8)) do not honor the LD_PRELOAD setting. These
       application may still use the LD_PRELOAD mechanism when run directly from a root shell.


       Copyright 2004-2013 SPARTA, Inc.  All rights reserved.  See the COPYING file included with
       the dnssec-tools package for details.


       G. S. Marzot


       libsres(3), libval(3), dnsval.conf(1), gethostbyname(3)

       gethostbyaddr(3), getnameinfo(3), getaddrinfo(3), res_query(3)