TSIG key lookup
authorKees Monshouwer <mind04@monshouwer.org>
Sun, 7 Jun 2015 18:19:29 +0000 (20:19 +0200)
committermind04 <mind04@monshouwer.org>
Tue, 30 Jun 2015 06:12:47 +0000 (08:12 +0200)
pdns/backends/gsql/gsqlbackend.cc
pdns/dnspacket.cc
pdns/resolver.cc
pdns/tsig-tests.cc

index b1fea82d11acc77528e55bad82875dba828717a1..f330f0a51234b6fe2a8dfadfac1000d4dd66265b 100644 (file)
@@ -702,7 +702,7 @@ bool GSQLBackend::getTSIGKey(const DNSName& name, DNSName* algorithm, string* co
     content->clear();
     while(d_getTSIGKeyQuery_stmt->hasNextRow()) {
       d_getTSIGKeyQuery_stmt->nextRow(row);
-      if(row.size() >= 2 && (!algorithm->countLabels() || *algorithm==row[0])) {
+      if(row.size() >= 2 && (algorithm->empty() || *algorithm==row[0])) {
         *algorithm = row[0];
         *content = row[1];
       }
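Review bot: With an empty `*algorithm`, the first row that has two columns fixes the algorithm, and later rows with a different algorithm are then skipped by `*algorithm==row[0]`. For a key name stored under more than one algorithm, the secret returned therefore depends on the order in which the backend returns rows. The loop also overwrites `*content` on every matching row, so the last match is the one that survives. A comment above the loop such as `// empty algorithm: first row decides; later rows must match it` would record this, or the query could be given a deterministic order. getTSIGKey begins and ends outside this hunk, so its return value is not visible here.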
index 6ba951c8ead853d030d8b315cb62d34c26e20961..b9f61e257e0ac774f8d7a8509c4cf047ef46af5e 100644 (file)
@@ -634,8 +634,8 @@ bool checkForCorrectTSIG(const DNSPacket* q, UeberBackend* B, DNSName* keyname,
   }
 
   DNSName algoName = trc->d_algoName; // FIXME
-  if (algoName == DNSName("hmac-md5.sig-alg.reg.int"))
-    algoName = DNSName("hmac-md5");
+  if (algoName == "hmac-md5.sig-alg.reg.int")
+    algoName = "hmac-md5";
 
   if (algoName == "gss-tsig") {
     if (!gss_verify_signature(*keyname, message, trc->d_mac)) {
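Review bot: The `// FIXME` on the `algoName` copy does not say what is outstanding, and checkForCorrectTSIG now maps hmac-md5 in both directions without explaining why. It goes long to short on the local `algoName` here for the key lookup, then short to long on `trc->d_algoName` in the next hunk before `getTSIGHashEnum`. The second mapping modifies the caller's TSIGRecordContent in place. If that field is later used as the signed algorithm name, it may no longer equal what arrived on the wire; that code is outside the hunk and should be confirmed. I would replace the FIXME with a comment like `// key lookup uses the short name "hmac-md5"; hash selection below expects hmac-md5.sig-alg.reg.int`, once the author confirms that this is the intent.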
@@ -650,8 +650,8 @@ bool checkForCorrectTSIG(const DNSPacket* q, UeberBackend* B, DNSName* keyname,
     L<<Logger::Error<<"Packet for domain '"<<q->qdomain.toString()<<"' denied: can't find TSIG key with name '"<<keyname->toString()<<"' and algorithm '"<<algoName.toString()<<"'"<<endl;
     return false;
   }
-  if (trc->d_algoName == DNSName("hmac-md5"))
-    trc->d_algoName += DNSName("sig-alg.reg.int.");
+  if (trc->d_algoName == "hmac-md5")
+    trc->d_algoName += "sig-alg.reg.int";
 
   TSIGHashEnum algo;
   if(!getTSIGHashEnum(trc->d_algoName, algo)) {
index a41220eb189f051fbf296ebacd806978a7c7976e..1e236df109a11ce017fd7e2ccafa968f8741254f 100644 (file)
@@ -130,7 +130,7 @@ uint16_t Resolver::sendResolve(const ComboAddress& remote, const ComboAddress& l
     // cerr<<"Adding TSIG to notification, key name: '"<<tsigkeyname<<"', algo: '"<<tsigalgorithm<<"', secret: "<<Base64Encode(tsigsecret)<<endl;
     TSIGRecordContent trc;
     if (tsigalgorithm == "hmac-md5")
-      trc.d_algoName = tsigalgorithm + ".sig-alg.reg.int.";
+      trc.d_algoName = tsigalgorithm + "sig-alg.reg.int";
     else
       trc.d_algoName = tsigalgorithm;
     trc.d_time = time(0);
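Review bot: The replacement `tsigalgorithm + "sig-alg.reg.int"` drops the leading dot the removed line had, so it is only correct if `tsigalgorithm` is a DNSName whose `operator+` appends labels; its declaration is outside the hunk. If it is still a `std::string` here, the result is `hmac-md5sig-alg.reg.int`, an algorithm name the peer would not recognise, and the signed request would presumably be rejected. Assigning the full name removes that dependency: `trc.d_algoName = DNSName("hmac-md5.sig-alg.reg.int");`. The same expression appears in the AXFRRetriever hunk below, on `d_trc.d_algoName`.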
@@ -393,7 +393,7 @@ AXFRRetriever::AXFRRetriever(const ComboAddress& remote,
   
     if(!tsigkeyname.empty()) {
       if (tsigalgorithm == "hmac-md5")
-        d_trc.d_algoName = tsigalgorithm + ".sig-alg.reg.int.";
+        d_trc.d_algoName = tsigalgorithm + "sig-alg.reg.int";
       else
         d_trc.d_algoName = tsigalgorithm;
       d_trc.d_time = time(0);
index 3b7d53c08605bd83d3db05612fae29aed784fdd7..02a0b69c3f0e2d894b64168f1b49973d25f9545a 100644 (file)
@@ -49,7 +49,7 @@ try
   string keyname("pdns-b-aa");
 
   TSIGRecordContent trc;
-  trc.d_algoName="hmac-md5.sig-alg.reg.int.";
+  trc.d_algoName="hmac-md5.sig-alg.reg.int";
   trc.d_time=time(0);
   trc.d_fudge=300;
   trc.d_origID=ntohs(pw.getHeader()->id);