upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 08:09:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Check that the specified DS digest is supported

Browse source 
dnssec-dsfromkey and dnssec-cds failed to properly check if the
specified DS digest type is supported or not.
This commit is contained in:
Mark Andrews 2025-05-28 13:59:04 +10:00
parent cbb0f165dc
commit dfee0e64ed
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
bin/dnssec/dnssectool.c
View file

@ -361,7 +361,10 @@ strtodsdigest(const char *str) {
r.length = strlen(str);
result = dns_dsdigest_fromtext(&alg, &r);
if (result != ISC_R_SUCCESS) {
fatal("unknown DS algorithm %s", str);
fatal("unknown DS digest %s", str);
}
if (!dst_ds_digest_supported(alg)) {
fatal("unsupported DS digest %s", str);
}
return alg;
}