1Net::DNS::RR::TSIG(3) User Contributed Perl DocumentationNet::DNS::RR::TSIG(3)
2
3
4

NAME

6       Net::DNS::RR::TSIG - DNS TSIG resource record
7

SYNOPSIS

9       "use Net::DNS::RR";
10

DESCRIPTION

12       Class for DNS Transaction Signature (TSIG) resource records.
13

METHODS

15   algorithm
16           $rr->algorithm($algorithm_name);
17           print "algorithm = ", $rr->algorithm, "\n";
18
19       Gets or sets the domain name that specifies the name of the algorithm.
20       The only algorithm currently supported is HMAC-MD5.SIG-ALG.REG.INT.
21
22   time_signed
23           $rr->time_signed(time);
24           print "time signed = ", $rr->time_signed, "\n";
25
26       Gets or sets the signing time as the number of seconds since 1 Jan 1970
27       00:00:00 UTC.
28
29       The default signing time is the current time.
30
31   fudge
32           $rr->fudge(60);
33           print "fudge = ", $rr->fudge, "\n";
34
35       Gets or sets the "fudge", i.e., the seconds of error permitted in the
36       signing time.
37
38       The default fudge is 300 seconds.
39
40   mac_size
41           print "MAC size = ", $rr->mac_size, "\n";
42
43       Returns the number of octets in the message authentication code (MAC).
44       The programmer must call a Net::DNS::Packet object's data method before
45       this will return anything meaningful.
46
47   mac
48           print "MAC = ", $rr->mac, "\n";
49
50       Returns the message authentication code (MAC) as a string of hex
51       characters.  The programmer must call a Net::DNS::Packet object's data
52       method before this will return anything meaningful.
53
54   original_id
55           $rr->original_id(12345);
56           print "original ID = ", $rr->original_id, "\n";
57
58       Gets or sets the original message ID.
59
60   error
61           print "error = ", $rr->error, "\n";
62
63       Returns the RCODE covering TSIG processing.  Common values are NOERROR,
64       BADSIG, BADKEY, and BADTIME.  See RFC 2845 for details.
65
66   other_len
67           print "other len = ", $rr->other_len, "\n";
68
69       Returns the length of the Other Data.  Should be zero unless the error
70       is BADTIME.
71
72   other_data
73           print "other data = ", $rr->other_data, "\n";
74
75       Returns the Other Data.  This field should be empty unless the error is
76       BADTIME, in which case it will contain the server's time as the number
77       of seconds since 1 Jan 1970 00:00:00 UTC.
78
79   sig_data
80            my $sigdata = $tsig->sig_data($packet);
81
82       Returns the packet packed according to RFC2845 in a form for signing.
83       This is only needed if you want to supply an external signing function,
84       such as is needed for TSIG-GSS.
85
86   sign_func
87            sub my_sign_fn($$) {
88                    my ($key, $data) = @_;
89
90                    return some_digest_algorithm($key, $data);
91            }
92
93            $tsig->sign_func(\&my_sign_fn);
94
95       This sets the signing function to be used for this TSIG record.
96
97       The default signing function is HMAC-MD5.
98

BUGS

100       This code is still under development.  Use with caution on production
101       systems.
102
103       The time_signed and other_data fields should be 48-bit unsigned
104       integers (RFC 2845, Sections 2.3 and 4.5.2).  The current
105       implementation ignores the upper 16 bits; this will cause problems for
106       times later than 19 Jan 2038 03:14:07 UTC.
107
108       The only builtin algorithm currently supported is
109       HMAC-MD5.SIG-ALG.REG.INT. You can use other algorithms by supplying an
110       appropriate sign_func.
111
113       Copyright (c) 2002 Michael Fuhr.
114
115       Portions Copyright (c) 2002-2004 Chris Reinhardt.
116
117       All rights reserved.  This program is free software; you may
118       redistribute it and/or modify it under the same terms as Perl itself.
119

ACKNOWLEDGMENT

121       Most of the code in the Net::DNS::RR::TSIG module was contributed by
122       Chris Turbeville.
123
124       Support for external signing functions was added by Andrew Tridgell.
125

SEE ALSO

127       perl(1), Net::DNS, Net::DNS::Resolver, Net::DNS::Packet,
128       Net::DNS::Header, Net::DNS::Question, Net::DNS::RR, RFC 2845
129
130
131
132perl v5.10.1                      2009-01-26             Net::DNS::RR::TSIG(3)
Impressum