size limit on RDATA in nsupdate
Shumon Huque
shuque at gmail.com
Sat Feb 21 15:30:53 UTC 2015
On Sat, Feb 21, 2015 at 7:35 AM, Carsten Strotmann <cas at strotmann.de> wrote:
> Hi,
>
> I'm trying to build an automated update system for OPENPGPKEY records
> with BIND 9 9.9.6-P2 and "nsupate".
>
> I've verified the TSIG keys, I can add and remove TXT records with the
> key under the domain name.
>
> Adding a 6K PGP key as OPENPGPKEY does fail with
>
> 21-Feb-2015 13:24:19.714 dns_rdata_fromtext: buffer-0x7f04662e14f0:1:
> near eof: unexpected end of input
> invalid rdata format: unexpected end of input
>
> Below is the debug output from nsupdate:
>
>
I also encountered this limit in nsupdate when I attempted to create my
OPENPGPKEY record a while back (I should have sent in a bug report then).
Until the bug is fixed, I'd suggest using alternative dynamic update tools.
Here's a snippet of python code I used for myself (needs the dnspython
module):
#!/usr/bin/env python
#
import dns.query, dns.tsigkeyring, dns.update
ZONE = "huque.com."
SERVER = '127.0.0.1'
TSIGNAME = "local-ddns."
TSIGALG = "hmac-sha256."
TSIGKEY = "XXXXXXXXXXX redacted-key XXXXXXXXXXXXXXXXXXX"
QNAME = "4f7c2705c0f139ede60573f8537a0790fb64df5d4a819af951d259bc._
openpgpkey.huque.com."
GEN_RDATA = "\# 2229 99010d04................"
keyring = dns.tsigkeyring.from_text({TSIGNAME : TSIGKEY})
update = dns.update.Update(ZONE, keyring=keyring,
keyalgorithm=dns.name.from_text(TSIGALG))
update.add(QNAME, 3600, 61, GEN_RDATA)
response = dns.query.tcp(update, SERVER)
print response.rcode() # should be zero
Shumon Huque
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150221/b2d2b232/attachment.html>
More information about the bind-users
mailing list