From: Aki Tuomi <cmouse@desteem.org>
Date: Thu, 12 Sep 2013 13:49:59 +0000 (+0300)
Subject: Downcase algorithm names when doing TSIG. Fixes issue #1013
X-Git-Tag: rec-3.6.0-rc1~444^2~1
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3eb6935bd833fd9e7d483a50fb81e0b8d88e8f81;p=pdns

Downcase algorithm names when doing TSIG. Fixes issue #1013
---

diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc
index aba1327ec..1331c318c 100644
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -558,22 +558,24 @@ string makeTSIGMessageFromTSIGPacket(const string& opacket, unsigned int tsigOff
 }
 
 
-bool getTSIGHashEnum(string algoName, TSIGHashEnum& algoEnum)
+bool getTSIGHashEnum(const string &algoName, TSIGHashEnum& algoEnum)
 {
-  if (*(algoName.rbegin()) != '.')
-    algoName.append(".");
+  string normalizedName = toLower(normalizedName);
 
-  if (algoName == "hmac-md5.sig-alg.reg.int.")
+  if (*(normalizedName.rbegin()) != '.')
+    normalizedName.append(".");
+
+  if (normalizedName == "hmac-md5.sig-alg.reg.int.")
     algoEnum = TSIG_MD5;
-  else if (algoName == "hmac-sha1.")
+  else if (normalizedName == "hmac-sha1.")
     algoEnum = TSIG_SHA1;
-  else if (algoName == "hmac-sha224.")
+  else if (normalizedName == "hmac-sha224.")
     algoEnum = TSIG_SHA224;
-  else if (algoName == "hmac-sha256.")
+  else if (normalizedName == "hmac-sha256.")
     algoEnum = TSIG_SHA256;
-  else if (algoName == "hmac-sha384.")
+  else if (normalizedName == "hmac-sha384.")
     algoEnum = TSIG_SHA384;
-  else if (algoName == "hmac-sha512.")
+  else if (normalizedName == "hmac-sha512.")
     algoEnum = TSIG_SHA512;
   else {
      return false;
diff --git a/pdns/dnssecinfra.hh b/pdns/dnssecinfra.hh
index da723cae1..cc8746d3a 100644
--- a/pdns/dnssecinfra.hh
+++ b/pdns/dnssecinfra.hh
@@ -135,7 +135,7 @@ string calculateSHAHMAC(const std::string& key_, const std::string& text, TSIGHa
 string calculateHMAC(const std::string& key_, const std::string& text, TSIGHashEnum hash);
 
 string makeTSIGMessageFromTSIGPacket(const string& opacket, unsigned int tsigoffset, const string& keyname, const TSIGRecordContent& trc, const string& previous, bool timersonly, unsigned int dnsHeaderOffset=0);
-bool getTSIGHashEnum(string algoName, TSIGHashEnum& algoEnum);
+bool getTSIGHashEnum(const string &algoName, TSIGHashEnum& algoEnum);
 void addTSIG(DNSPacketWriter& pw, TSIGRecordContent* trc, const string& tsigkeyname, const string& tsigsecret, const string& tsigprevious, bool timersonly);
 
 #endif