I can send updates for a subdomain configured with TSIG correctly with
the dnspython API but zone transfers with the same key fail. Using the
key to get the zone with dig works but what I expected would work with
the dnspython API so far hasn't. This is a simple distillation of
what I'm doing and the stacktrace that ensues. Any ideas?
import dns.query
import dns.tsigkeyring
import dns.zone
dns_key = 'subdomain.example.com'
dns_secret = 'very secret encoded string'
tsigkr = dns.tsigkeyring.from_text({dns_key : dns_secret})
z =
dns.zone.from_xfr(dns.query.xfr('nameserver.address','subdomain.example.com',keyring=tsigkr,keyname=dns_key))
Traceback (most recent call last):
File "zone_xfer.py", line 7, in <module>
z =
dns.zone.from_xfr(dns.query.xfr('nameserver.address','subdomain.example.com',keyring=tsigkr,keyname=dns_key))
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/dns/zone.py",
line 846, in from_xfr
for r in xfr:
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/dns/query.py",
line 338, in xfr
multi=True, first=first)
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/dns/message.py",
line 730, in from_wire
reader.read()
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/dns/message.py",
line 677, in read
self._get_section(self.message.additional, adcount)
File
"/Library/Frameworks/Python.framework/Versions/2.5/lib/python2.5/site-packages/dns/message.py",
line 619, in _get_section
raise UnknownTSIGKey, "key '%s' unknown" % name
dns.message.UnknownTSIGKey: key '@' unknown
Thanks!
_______________________________________________
dnspython-users mailing list
[email protected]
http://howl.play-bow.org/mailman/listinfo.cgi/dnspython-users
