From dc1f18f211a91735faf2771acc8438f0fbc70d4b Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Tue, 16 May 2006 03:44:54 +0000 Subject: [PATCH] 2018. [bug] Checking if the HMAC MD5 private file was broken. [RT #15960] --- CHANGES | 5 ++++- lib/dns/dst_parse.c | 23 +++++++++++++++-------- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index 2d333abdc5..44461ac4a9 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,7 @@ -2017. [bug] allow-query default was net correct. [RT #15946] +2018. [bug] Checking if the HMAC MD5 private file was broken. + [RT #15960] + +2017. [bug] allow-query default was not correct. [RT #15946] 2016. [bug] Return a partial answer if recursion is not allowed but requested and we had the answer diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 6e84a533d4..9851ad11b7 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -18,7 +18,7 @@ /*% * Principal Author: Brian Wellington - * $Id: dst_parse.c,v 1.5 2006/01/27 23:57:46 marka Exp $ + * $Id: dst_parse.c,v 1.6 2006/05/16 03:44:54 marka Exp $ */ #include @@ -161,15 +161,22 @@ static int check_hmac_md5(const dst_private_t *priv, isc_boolean_t old) { int i, j; - if (!((priv->nelements == HMACMD5_NTAGS) || - (old && (priv->nelements == OLD_HMACMD5_NTAGS)))) + if (priv->nelements != HMACMD5_NTAGS) { + /* + * If this a good old format and we are accepting + * the old format return success. + */ + if (old && priv->nelements == OLD_HMACMD5_NTAGS && + priv->elements[0].tag == TAG_HMACMD5_KEY) + return (0); return (-1); - if (priv->nelements == OLD_HMACMD5_NTAGS && - priv->elements[0].tag != TAG_HMACMD5_KEY) - return (-1); - for (i = 0; i < DSA_NTAGS; i++) { + } + /* + * We must be new format at this point. + */ + for (i = 0; i < HMACMD5_NTAGS; i++) { for (j = 0; j < priv->nelements; j++) - if (priv->elements[j].tag == TAG(DST_ALG_DSA, i)) + if (priv->elements[j].tag == TAG(DST_ALG_HMACMD5, i)) break; if (j == priv->nelements) return (-1);