mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-11 08:20:01 -04:00
dns_tsigkey_createfromkey wasn't checking that the key algorithm matched the
key name.
This commit is contained in:
Brian Wellington
parent
82c168127c
commit
ff7b9eede9
1 changed files with 17 additions and 5 deletions
|
|
@ -16,7 +16,7 @@
|
|||
*/
|
||||
|
||||
/*
|
||||
* $Id: tsig.c,v 1.112 2001/08/08 22:54:44 gson Exp $
|
||||
* $Id: tsig.c,v 1.113 2001/09/27 17:49:11 bwelling Exp $
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
|
|
@ -148,13 +148,25 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
|
|||
goto cleanup_key;
|
||||
dns_name_downcase(&tkey->name, &tkey->name, NULL);
|
||||
|
||||
if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME))
|
||||
if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) {
|
||||
tkey->algorithm = DNS_TSIG_HMACMD5_NAME;
|
||||
else if (dns_name_equal(algorithm, DNS_TSIG_GSSAPI_NAME))
|
||||
if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_HMACMD5) {
|
||||
ret = DNS_R_BADALG;
|
||||
goto cleanup_name;
|
||||
}
|
||||
} else if (dns_name_equal(algorithm, DNS_TSIG_GSSAPI_NAME)) {
|
||||
tkey->algorithm = DNS_TSIG_GSSAPI_NAME;
|
||||
else if (dns_name_equal(algorithm, DNS_TSIG_GSSAPIMS_NAME))
|
||||
if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_GSSAPI) {
|
||||
ret = DNS_R_BADALG;
|
||||
goto cleanup_name;
|
||||
}
|
||||
} else if (dns_name_equal(algorithm, DNS_TSIG_GSSAPIMS_NAME)) {
|
||||
tkey->algorithm = DNS_TSIG_GSSAPIMS_NAME;
|
||||
else {
|
||||
if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_GSSAPI) {
|
||||
ret = DNS_R_BADALG;
|
||||
goto cleanup_name;
|
||||
}
|
||||
} else {
|
||||
if (key != NULL) {
|
||||
ret = DNS_R_BADALG;
|
||||
goto cleanup_name;
|
||||
|
|
|
|||
Loading…
Reference in a new issue