BIND 10 trac931, updated. 9cc0c06cac86d3460ee1f5b5e2c8669d9709663e [trac931] Sign even when error

BIND 10 source code commits bind10-changes at lists.isc.org
Tue May 17 18:08:13 UTC 2011 

The branch, trac931 has been updated
       via  9cc0c06cac86d3460ee1f5b5e2c8669d9709663e (commit)
      from  b8da54961c78a690c6bf02618d4c28fb9d320177 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9cc0c06cac86d3460ee1f5b5e2c8669d9709663e
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date:   Tue May 17 20:07:58 2011 +0200

    [trac931] Sign even when error

-----------------------------------------------------------------------

Summary of changes:
 src/bin/auth/auth_srv.cc                |    3 +--
 src/bin/auth/tests/auth_srv_unittest.cc |    8 ++++----
 2 files changed, 5 insertions(+), 6 deletions(-)

-----------------------------------------------------------------------
diff --git a/src/bin/auth/auth_srv.cc b/src/bin/auth/auth_srv.cc
index 3c6d492..0e0c666 100644
--- a/src/bin/auth/auth_srv.cc
+++ b/src/bin/auth/auth_srv.cc
@@ -478,9 +478,8 @@ AuthSrv::processMessage(const IOMessage& io_message, MessagePtr message,
 
     bool sendAnswer = true;
     if (tsig_error != TSIGError::NOERROR()) {
-        // TODO We need to add a TSIG but with 0-length signature
         makeErrorMessage(message, buffer, tsig_error.toRcode(),
-                         impl_->verbose_mode_);
+                         impl_->verbose_mode_, tsig_context);
     } else if (message->getOpcode() == Opcode::NOTIFY()) {
         sendAnswer = impl_->processNotify(io_message, message, buffer,
                                           tsig_context);
diff --git a/src/bin/auth/tests/auth_srv_unittest.cc b/src/bin/auth/tests/auth_srv_unittest.cc
index 84f41fc..21592f8 100644
--- a/src/bin/auth/tests/auth_srv_unittest.cc
+++ b/src/bin/auth/tests/auth_srv_unittest.cc
@@ -309,8 +309,8 @@ TEST_F(AuthSrvTest, TSIGSignedNoKey) {
     const TSIGRecord* tsig = m.getTSIGRecord();
     ASSERT_TRUE(tsig) <<
         "Missing TSIG signature (we should have one even at error)";
-    // TODO It should have been signed by zero-length key. Should we
-    // check that somehow?
+    EXPECT_EQ(0, tsig->getRdata().getMACSize()) <<
+        "It should be unsigned with this error";
 }
 
 // Give the server a signed request, but signed by a different key
@@ -341,8 +341,8 @@ TEST_F(AuthSrvTest, TSIGBadSig) {
     const TSIGRecord* tsig = m.getTSIGRecord();
     ASSERT_TRUE(tsig) <<
         "Missing TSIG signature (we should have one even at error)";
-    // TODO It should have been signed by zero-length key. Should we
-    // check that somehow?
+    EXPECT_EQ(0, tsig->getRdata().getMACSize()) <<
+        "It should be unsigned with this error";
 }
 
 TEST_F(AuthSrvTest, AXFRConnectFail) {

More information about the bind10-changes mailing list