mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-28 04:34:54 -04:00
Fix algorithm rollover bug wrt keytag conflicts
If there is an algorithm rollover and two keys of different algorithm
share the same keytags, then there is a possibility that if we check
that a key matches a specific state, we are checking against the wrong
key.
Fix this by not only checking for matching key id but also key
algorithm.
(cherry picked from commit f37eb33f29)
This commit is contained in:
Matthijs Mekking
parent
b7bc6abdfe
commit
d0db5c07f8
1 changed files with 1 additions and 0 deletions
|
|
@ -596,6 +596,7 @@ keymgr_key_match_state(dst_key_t *key, dst_key_t *subject, int type,
|
|||
continue;
|
||||
}
|
||||
if (next_state != NA && i == type &&
|
||||
dst_key_alg(key) == dst_key_alg(subject) &&
|
||||
dst_key_id(key) == dst_key_id(subject))
|
||||
{
|
||||
/* Check next state rather than current state. */
|
||||
|
|
|
|||
Loading…
Reference in a new issue