NAME

Data::Validate::DNS::CAA - Validate DNS Certification Authority Authorization (CAA) values

VERSION

version 0.02

SYNOPSIS

use Data::Validate::DNS::CAA qw(is_issue is_issuewild is_iodef);

if (is_caa_tag('issue')) {
   print "Looks like a CAA tag value\n";
}
else {
   print "Not a CAA tag value\n";
}

if (is_caa_value(issue => 'ca.example.com; policy=ev')) {
    print "Looks like a CAA issue value\n";
}
else {
    print "Not a CAA issue value\n";
}

if (is_caa_value(iodef => 'mailto:security@example.com')) {
    print "Looks like a CAA iodef value\n";
}
else {
    print "Not a CAA iodef value\n";
}

# or use Object interface.

my $v = Data::Validate::CAA::DNS->new;

die "not a CAA tag value" unless $v->is_caa_tag($suspect);

DESCRIPTION

This module offers a few subroutines for validating DNS Certification Authority Authorization (CAA) record fields to make input validation and untainting easier and more readable.

All of the functions return an untainted value on success and a false value (undef or empty list) on failure. In scalar context you should check that the return value is defined.

All functions can be called as methods if using the object oriented interface.

METHODS

new()

Constructor

FUNCTIONS

is_caa_tag($value, %opts)

Returns the untainted tag if the value appears to be a valid CAA tag name as defined in RFC 6844.

%opts, if present can contain the following:

  • strict

    Default: 1

    In this mode, the tag must match exactly one of the registered tag names in RFC 6844, or the IANA registry for CAA tag names. Note that reserved tags are not allowed. Turning this off will merely do a syntax check on the tag string.

is_caa_value($tagname, $value)

Returns the untainted value if it appears to be a valid CAA tag name/value pair.

is_caa_issue($value)

Returns the untainted value if it looks like a CAA issue (or issuewild) value.

is_caa_issuewild($value)

Returns the untainted value if it looks like a CAA issuewild value. Since issuewild values have the same syntax as issue values, this is identical to is_caa_issue().

is_caa_iodef($value)

Returns the untainted value if it looks like a CAA iodef value.

SEE ALSO

RFC 6844

SOURCE

The development version is on github at http://github.com/mschout/perl-data-validate-dns-caa and may be cloned from git://github.com/mschout/perl-data-validate-dns-caa.git

BUGS

Please report any bugs or feature requests to bug-data-validate-dns-caa@rt.cpan.org or through the web interface at: http://rt.cpan.org/Public/Dist/Display.html?Name=Data-Validate-DNS-CAA

AUTHOR

Michael Schout <mschout@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2017 by Michael Schout.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.