Net::DNS::RR::TSIG man page on Mageia

Man page or keyword search:  
man Server   17783 pages
apropos Keyword Search (all sections)
Output format
Mageia logo
[printable version]

Net::DNS::RR::TSIG(3) User Contributed Perl DocumentationNet::DNS::RR::TSIG(3)

NAME
       Net::DNS::RR::TSIG - DNS TSIG resource record

SYNOPSIS
	   use Net::DNS;

DESCRIPTION
       Class for DNS Transaction Signature (TSIG) resource records.

METHODS
       The available methods are those inherited from the base class augmented
       by the type-specific methods defined in this package.

       Use of undocumented package features or direct access to internal data
       structures is discouraged and could result in program termination or
       other unpredictable behaviour.

   algorithm
	   $algorithm = $rr->algorithm;

       A domain name which specifies the name of the algorithm.

   key
	   $key = $rr->key;

       Key string in the format expected by the signing function.

   time_signed
	   $time_signed = $rr->time_signed;

       Signing time as the number of seconds since 1 Jan 1970 00:00:00 UTC.
       The default signing time is the current time.

   fudge
	   $fudge = $rr->fudge;

       "fudge" represents the permitted error in the signing time.  The
       default fudge is 300 seconds.

   mac
       Returns the message authentication code (MAC) as a string of hex
       characters.  The programmer must call the Net::DNS::Packet data()
       object method before this will return anything meaningful.

   macbin
	   $macbin = $rr->macbin;

       Binary message authentication code (MAC).

   request_mac
	    $tsig->request_mac( $request->macbin );

       Request message authentication code (MAC).

   continuation
	    $tsig->continuation(1);

       Flag which indicates continuation of a multi-message response.

   original_id
	   $original_id = $rr->original_id;

       The message ID from the header of the original packet.

   error
	    $rcode = $tsig->error;

       Returns the RCODE covering TSIG processing.  Common values are NOERROR,
       BADSIG, BADKEY, and BADTIME.  See RFC 2845 for details.

   other
	   $other = $rr->other;

       This field should be empty unless the error is BADTIME, in which case
       it will contain the server time as the number of seconds since 1 Jan
       1970 00:00:00 UTC.

   sign_func
	   $sign_func = $rr->sign_func;

       This sets the signing function to be used for this TSIG record.	The
       default signing function is HMAC-MD5.

   sig_data
	    $sigdata = $tsig->sig_data($packet);

       Returns the packet packed according to RFC2845 in a form for signing.
       This is only needed if you want to supply an external signing function,
       such as is needed for TSIG-GSS.

TSIG Keys
       TSIG keys are symmetric HMAC-MD5 keys generated using the following
       command:

	       $ dnssec-keygen -a HMAC-MD5 -b 512 -n HOST <keyname>

	       The key will be stored in the file K<keyname>+157+<keyid>.private

	   where
	       <keyname> is the DNS name of the key.

	       <keyid> is the (generated) numerical identifier used to distinguish this key.

       It is recommended that the keyname be the fully qualified domain name
       of the relevant host.

Configuring BIND Nameserver
       The following lines must be added to the /etc/named.conf file:

	   key <keyname> {
	       algorithm HMAC-MD5;
	       secret "<keydata>";
	   };

       <keyname> is the name of the key chosen when the key was generated.

       <keydata> is the string found on the Key: line in the generated key
       file.

ACKNOWLEDGMENT
       Most of the code in the Net::DNS::RR::TSIG module was contributed by
       Chris Turbeville.

       Support for external signing functions was added by Andrew Tridgell.

BUGS
       A 32-bit representation of time is used, contrary to RFC2845 which
       demands 48 bits.	 This design decision will need to be reviewed before
       the code stops working on 7 February 2106.

       HMAC-MD5.SIG-ALG.REG.INT is the only algorithm currently supported.
       You can use other algorithms by supplying an appropriate sign_func.

COPYRIGHT
       Copyright (c)2002 Michael Fuhr.

       Portions Copyright (c)2002-2004 Chris Reinhardt.

       Package template (c)2009,2012 O.M.Kolkman and R.W.Franks.

       All rights reserved.

       This program is free software; you may redistribute it and/or modify it
       under the same terms as Perl itself.

SEE ALSO
       perl, Net::DNS, Net::DNS::RR, RFC2845

perl v5.18.1			  2012-12-28		 Net::DNS::RR::TSIG(3)
[top]

List of man pages available for Mageia

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net