GSS-TSIG update policy identity field

Juergen Dietl isclists01 at googlemail.com
Thu May 12 12:21:31 UTC 2011


2011/5/12 Mark Andrews <marka at isc.org>

>
>
>
> I suggest that you look at the documentation for "external" and use
> it.
>
> Hello Mark,

thanx a lot for your explanation. One last question.

What do you mean with your sentence above? Do you mean that?:
+++++++++++++++++++++++++++++++++++++++++++++++
external This rule allows named to defer the decision of whether to
allow a given update to an external daemon.
The method of communicating with the daemon is specified
in the identity field, the format of which is
”local:path”, where path is the location of a UNIXdomain
socket. (Currently, ”local” is the only supported
mechanism.)
Requests to the external daemon are sent over the UNIXdomain
socket as datagrams with the following format:
Protocol version number (4 bytes,
network byte order, currently 1) Request
length (4 bytes, network byte order)
Signer (null-terminated string) Name
(null-terminated string) TCP source
address (null-terminated string) Rdata
type (null-terminated string) Key
(null-terminated string) TKEY token length
(4 bytes, network byte order) TKEY token
(remainder of packet) The daemon replies with a
four-byte value in network byte order, containing either 0 or
1; 0 indicates that the specified update is not permitted, and
1 indicates that it is.In
++++++++++++++++++++++++++++++++++++++++++++

regards,
Juergen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110512/202747cb/attachment.html>


More information about the bind-users mailing list