BIND external grant authenticator

auth917.pl

#!/usr/bin/perl

use strict;
use IO::Socket::UNIX;

my $path = '/tmp/auth.sock';

unlink($path);
my $server = IO::Socket::UNIX->new(Local => $path, Type => SOCK_STREAM, Listen => 8) or
    die "unable to create socket $path";
chmod 0777, $path;

while (my $client = $server->accept()) {
	$client->recv(my $buf, 8, 0);
	my ($version, $req_len) = unpack('N N', $buf);

	if ($version != 1 || $req_len < 17) {
		printf("Badly formatted request\n");
		$client->send(pack('N', 2));
		next;
	}

	$client->recv(my $buf, $req_len - 8, 0);

	my ($signer,
	    $name,
	    $addr,
	    $type,
	    $key,
	    $key_data) = unpack('Z* Z* Z* Z* Z* N/a', $buf);

	if ($req_len != length($buf)+8) {
		printf("Length mismatch %u %u\n", $req_len, length($buf)+8);
		$client->send(pack('N', 2));
		next;
	}

	printf("Update by %s key=%s for name=%s, type=%s at address %s\n",
		$signer, $key, $name, $type, $addr);

	# look up $name and decide whether to grant or deny

	my $result = 1;			# grant

	my $reply = pack('N', $result);
	$client->send($reply);
}