Skip Menu |

This queue is for tickets about the Net-DNS CPAN distribution.

Report information
The Basics
Id: 92433
Status: resolved
Priority: 0/
Queue: Net-DNS
People
Owner: Nobody in particular
Requestors: marka [...] isc.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)
Attachments
diff

History Show all quoted text
  Fri Jan 24 01:57:47 2014 marka [...] isc.org - Ticket created
Subject: 0.74 doesn't properly sign TCP continuation
Date: Fri, 24 Jan 2014 17:57:16 +1100
To: bug-Net-DNS [...] rt.cpan.org
From: Mark Andrews <marka [...] isc.org>
The previous hmac is not being hashed on continuation messages. The patch uses request_macbin to supply the previous hmac. At this stage each message needs to be signed as there is no way to supply the data from the messages without a TSIG. This is a regression from 0.72 which hashed the request mac. A more extensive change would be to add previous_mac{bin} to pass this data. Mark
Download diff
application/octet-stream 822b

Message body not shown because it is not plain text.

  Fri Feb 28 11:06:40 2014 rwfranks [...] acm.org - Correspondence added
From: rwfranks [...] acm.org
Fixed on SVN trunk Added prior_mac and prior_macbin as suggested. packet->sign_tsig() has been reworked to do all the heavy lifting, without the need to fiddle about with TSIG RRs directly. As a worked example, resolver->axfr() now does verified zone transfer automatically if you use resolver->tsig() to specify the shared key. Dick
  Fri Feb 28 11:06:41 2014 The RT System itself - Status changed from 'new' to 'open'
  Wed Apr 30 10:31:31 2014 NLNETLABS [...] cpan.org - Correspondence added
Implemented in 0.75 release
  Wed Apr 30 10:31:32 2014 NLNETLABS [...] cpan.org - Status changed from 'open' to 'resolved'