In message <4ae58fd9.8020...@sun.com>, Stacey Jonathan Marshall writes: > The tsig manual page description for ns_sign() and ns_verify() include a > parameter named in_timesigned of type time_t. However there is no > description of this parameter as there is for the others: > > $ less libbind-6.0/doc/tsig.cat3 > TSIG LOCAL TSI > G > > NAME > ns_sign, ns_sign_tcp, ns_sign_tcp_init, ns_verify, ns_verify_tcp, > ns_verify_tcp_init, ns_find_tsig -- TSIG system > > SYNOPSIS > int > ns_sign(u_char *msg, int *msglen, int msgsize, int error, void *k, > const u_char *querysig, int querysiglen, u_char *sig, int *siglen, > time_t in_timesigned); > > ... > int > ns_verify(u_char *msg, int *msglen, void *k, const u_char *querysig, > int querysiglen, u_char *sig, int *siglen, time_t in_timesigned, > int nostrip); > > > From a cursory review it does not seem to be used unless error == > ns_r_badtime. > Could someone describe the purpose of parameter?
Theoretically a client can take the bad time response and compute a time delta and use it to adjust the timestamp in future communications to the server. This allows the client to correct for clock skew if it wants. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users