Hi,
We're using a modified "unbound python example". The idea is that when
an A or AAAA query comes in, we wait to query for an IPSECKEY record
before returning the A/AAAA to the application.
As a proof of concept, we used python-dns to fire off the query for the
IPSECKEY record within the unbound python module we load, which then
hits unbound from the outside. This was just a hack, but clearly not
the right way to use it.
How can we do this within the unbound? Can it be done in the python
module, or do we need to use a C module to get more access to various
parts of the iterator?
Or how can we invoke a sub-query? How can we combine the results of a
subquery with the query we are postponing?
Further issue is that our code needs to have the IPSECKEY query result at
the same time as the A record result. This way, we can pass this IPsec
key and the IP address to a shell command (commands.getstatusoutput())
to build an IPsec tunnel, before the A record is returned to the application.
Attached is our little proof of concept code hack.
Paul
(attachments)
ubmodule-tst.py (3.32 KB)