BIND 10 #1370: xfrout must add TSIG (when used) for all messages
BIND 10 Development
do-not-reply at isc.org
Fri Nov 18 00:12:16 UTC 2011
#1370: xfrout must add TSIG (when used) for all messages
-------------------------------------+-------------------------------------
Reporter: | Owner:
jinmei | Status: new
Type: | Milestone:
defect | Sprint-20111122
Priority: | Resolution:
critical | Sensitive: 0
Component: | Sub-Project: DNS
xfrout | Estimated Difficulty: 3
Keywords: | Total Hours: 0
Defect Severity: N/A |
Feature Depending on Ticket: |
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Comment (by jinmei):
trac1370 is ready for review. I believe this is pretty straightforward.
Proposed changelog entry:
{{{
320.? [bug] jinmei
b10-xfrout incorrectly skipped adding TSIG RRs to some
intermediate responses (when TSIG is to be used for the
responses). While RFC2845 optionally allows to skip intermediate
TSIGs (as long as the digest for the skipped part was included
in a later TSIG), the underlying TSIG API doesn't support this
mode of signing.
(Trac #1370, git TBD)
}}}
--
Ticket URL: <http://bind10.isc.org/ticket/1370#comment:3>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list