package dns-server

  1. Overview
  2. Docs

Authentication, stored in a Dns_trie with privileges to operations embedded in the name.

type operation = [
  1. | `Update
  2. | `Transfer
]

The type of operations.

type a = Dns_trie.t -> Dns.proto -> ?key:[ `raw ] Domain_name.t -> operation -> zone:[ `raw ] Domain_name.t -> bool

The authentifier function signature

val tsig_auth : a

tsig_auth trie proto keyname operation zone checks that keyname matches the operation and is in the zone: foo._transfer.mirage is valid to `Transfer the mirage zone. A key without a zone foo._transfer is valid for all zones! When using tsig_auth, be aware that it does no cryptographic verification of the tsig signature!

type t

The type for an authenticator.