On Sat, Feb 21, 2015 at 7:35 AM, Carsten Strotmann <c...@strotmann.de> wrote:
> Hi, > > I'm trying to build an automated update system for OPENPGPKEY records > with BIND 9 9.9.6-P2 and "nsupate". > > I've verified the TSIG keys, I can add and remove TXT records with the > key under the domain name. > > Adding a 6K PGP key as OPENPGPKEY does fail with > > 21-Feb-2015 13:24:19.714 dns_rdata_fromtext: buffer-0x7f04662e14f0:1: > near eof: unexpected end of input > invalid rdata format: unexpected end of input > > Below is the debug output from nsupdate: > > I also encountered this limit in nsupdate when I attempted to create my OPENPGPKEY record a while back (I should have sent in a bug report then). Until the bug is fixed, I'd suggest using alternative dynamic update tools. Here's a snippet of python code I used for myself (needs the dnspython module): #!/usr/bin/env python # import dns.query, dns.tsigkeyring, dns.update ZONE = "huque.com." SERVER = '127.0.0.1' TSIGNAME = "local-ddns." TSIGALG = "hmac-sha256." TSIGKEY = "XXXXXXXXXXX redacted-key XXXXXXXXXXXXXXXXXXX" QNAME = "4f7c2705c0f139ede60573f8537a0790fb64df5d4a819af951d259bc._ openpgpkey.huque.com." GEN_RDATA = "\# 2229 99010d04................" keyring = dns.tsigkeyring.from_text({TSIGNAME : TSIGKEY}) update = dns.update.Update(ZONE, keyring=keyring, keyalgorithm=dns.name.from_text(TSIGALG)) update.add(QNAME, 3600, 61, GEN_RDATA) response = dns.query.tcp(update, SERVER) print response.rcode() # should be zero Shumon Huque
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users