BIND 10 #1353: Wrong reason for transfer failure logged when TSIG fails
BIND 10 Development
do-not-reply at isc.org
Thu Oct 27 09:23:47 UTC 2011
#1353: Wrong reason for transfer failure logged when TSIG fails
-------------------------------+-----------------------------------------
Reporter: vorner | Owner:
Type: defect | Status: new
Priority: minor | Milestone: New Tasks
Component: xfrin | Keywords:
Sensitive: 0 | Defect Severity: N/A
Sub-Project: DNS | Feature Depending on Ticket:
Estimated Difficulty: 0 | Add Hours to Ticket: 0
Total Hours: 0 | Internal?: 0
-------------------------------+-----------------------------------------
This log message appears whenever validation of TSIG fails for some
reason:
{{{
2011-10-26 12:35:52.460 ERROR [b10-xfrin.xfrin] XFRIN_XFR_TRANSFER_FAILURE
AXFR transfer of zone example.com./IN failed: TSIG verify fail: FORMERR
}}}
However, the FORMERR is misleading. In this exact case, the signature was
missing completely (because it was a servfail), but AFAIK it happened at
other situations as well. It should tell more details.
--
Ticket URL: <http://bind10.isc.org/ticket/1353>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list