LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
print "listening on $server_addr:5300,5301.\n";
+print "Using Net::DNS $Net::DNS::VERSION\n";
my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
print $pidf "$$\n" or die "cannot write pid file: $!";
# get the existing signature if any, and clear the additional section
my $prev_tsig;
while (my $rr = $request->pop("additional")) {
- if ($rr->type eq "TSIG") {
- $prev_tsig = $rr;
- }
+ $prev_tsig = $rr if ($rr->type eq "TSIG");
}
my $r;
$packet->push("answer", $a);
}
if(defined($key_name) && defined($key_data)) {
+ my $tsig;
# Sign the packet
print " Signing the response with " .
"$key_name/$key_data\n";
- my $tsig = Net::DNS::RR->
- new("$key_name TSIG $key_data");
+
+ if ($Net::DNS::VERSION < 0.69) {
+ $tsig = Net::DNS::RR->new(
+ "$key_name TSIG $key_data");
+ } else {
+ $tsig = Net::DNS::RR->new(
+ name => $key_name,
+ type => 'TSIG',
+ key => $key_data);
+ }
# These kluges are necessary because Net::DNS
# doesn't know how to sign responses. We
$packet->{"header"}{"arcount"} += 1
if ($Net::DNS::VERSION < 0.70);
if (defined($prev_tsig)) {
- my $rmac = pack('n H*',
- length($prev_tsig->mac)/2,
- $prev_tsig->mac);
- $tsig->{"request_mac"} =
- unpack("H*", $rmac);
+ if ($Net::DNS::VERSION < 0.73) {
+ my $rmac = pack('n H*',
+ length($prev_tsig->mac)/2,
+ $prev_tsig->mac);
+ $tsig->{"request_mac"} =
+ unpack("H*", $rmac);
+ } else {
+ $tsig->request_mac(
+ $prev_tsig->mac);
+ }
}
$packet->sign_tsig($tsig);
$packet->push("answer", $a);
}
if(defined($key_name) && defined($key_data)) {
+ my $tsig;
# sign the packet
print " Signing the data with " .
"$key_name/$key_data\n";
- my $tsig = Net::DNS::RR->
- new("$key_name TSIG $key_data");
+ if ($Net::DNS::VERSION < 0.69) {
+ $tsig = Net::DNS::RR->new(
+ "$key_name TSIG $key_data");
+ } elsif ($Net::DNS::VERSION >= 0.75 &&
+ $continuation) {
+ $tsig = $prev_tsig;
+ } else {
+ $tsig = Net::DNS::RR->new(
+ name => $key_name,
+ type => 'TSIG',
+ key => $key_data);
+ }
# These kluges are necessary because Net::DNS
# doesn't know how to sign responses. We
$packet->{"header"}{"arcount"} += 1
if ($Net::DNS::VERSION < 0.70);
if (defined($prev_tsig)) {
- my $rmac = pack('n H*',
- length($prev_tsig->mac)/2,
- $prev_tsig->mac);
- $tsig->{"request_mac"} =
- unpack("H*", $rmac);
+ if ($Net::DNS::VERSION < 0.73) {
+ my $rmac = pack('n H*',
+ length($prev_tsig->mac)/2,
+ $prev_tsig->mac);
+ $tsig->{"request_mac"} =
+ unpack("H*", $rmac);
+ } else {
+ $tsig->request_mac(
+ $prev_tsig->mac);
+ }
}
$tsig->sign_func($signer) if defined($signer);
- $tsig->continuation($continuation)
- if ($Net::DNS::VERSION >= 0.71);
+ $tsig->continuation($continuation) if
+ ($Net::DNS::VERSION >= 0.71 &&
+ $Net::DNS::VERSION <= 0.74 );
$packet->sign_tsig($tsig);
$signer = \&sign_tcp_continuation
if ($Net::DNS::VERSION < 0.70);
projects / thirdparty / bind9.git / commitdiff
