From 9a459f10201d539df6b4a7034ed31e9572740287 Mon Sep 17 00:00:00 2001
From: Kees Monshouwer <mind04@monshouwer.org>
Date: Wed, 4 Dec 2013 00:34:39 +0100
Subject: [PATCH] fix hmac-md5 TSIG key lookup

---
 pdns/dnspacket.cc | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc
index e68d8d524c..0d2e0008b3 100644
--- a/pdns/dnspacket.cc
+++ b/pdns/dnspacket.cc
@@ -608,9 +608,13 @@ bool checkForCorrectTSIG(const DNSPacket* q, DNSBackend* B, string* keyname, str
     return false;
   }
 
+  string algoName = trc->d_algoName;
+  if (stripDot(algoName) == "hmac-md5.sig-alg.reg.int")
+    algoName = "hmac-md5";
+
   string secret64;
-  if(!B->getTSIGKey(*keyname, &trc->d_algoName, &secret64)) {
-    L<<Logger::Error<<"Packet for domain '"<<q->qdomain<<"' denied: can't find TSIG key with name '"<<*keyname<<"' and algorithm '"<<trc->d_algoName<<"'"<<endl;
+  if(!B->getTSIGKey(*keyname, &algoName, &secret64)) {
+    L<<Logger::Error<<"Packet for domain '"<<q->qdomain<<"' denied: can't find TSIG key with name '"<<*keyname<<"' and algorithm '"<<algoName<<"'"<<endl;
     return false;
   }
   if (trc->d_algoName == "hmac-md5")
-- 
2.47.2