TSIG payload: use canonical (lowercase) name format

(cherry picked from commit 51e2123c83ecafb4fa4e55815010721d2b73d77d)

diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc
index 9024b04502637ef0dbe9af619a332b836ffa1b7f..0c67004a0663590ce42fad3c179c1a75e75d46ae 100644 (file)
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -782,7 +782,7 @@ static string makeTSIGPayload(const string& previous, const char* packetBegin, s
   DNSPacketWriter dw(signVect, DNSName(), 0);
   auto pos=signVect.size();
   if(!timersonly) {
-    dw.xfrName(tsigKeyName, false);
+    dw.xfrName(tsigKeyName.makeLowerCase(), false);
     dw.xfr16BitInt(QClass::ANY); // class
     dw.xfr32BitInt(0);    // TTL
     dw.xfrName(trc.d_algoName.makeLowerCase(), false);

diff --git a/pdns/test-tsig.cc b/pdns/test-tsig.cc
index 08c90828dea95fc74d4b6700d92ca1fbbd222e44..b40f8fcc607c4562db1e1b629acf24cc0bae072f 100644 (file)
--- a/pdns/test-tsig.cc
+++ b/pdns/test-tsig.cc
@@ -141,6 +141,17 @@ BOOST_AUTO_TEST_CASE(test_TSIG_different_case_algo) {
   checkTSIG(tsigName, tsigAlgo.makeLowerCase(), tsigSecret, packet);
 }
 
+BOOST_AUTO_TEST_CASE(test_TSIG_different_case_name) {
+  DNSName tsigName("tsig.Name");
+  DNSName tsigAlgo("HMAC-MD5.SIG-ALG.REG.INT");
+  DNSName qname("test.valid.tsig");
+  string tsigSecret("verysecret");
+
+  vector<uint8_t> packet = generateTSIGQuery(qname, tsigName, tsigAlgo, tsigSecret);
+
+  checkTSIG(tsigName.makeLowerCase(), tsigAlgo.makeLowerCase(), tsigSecret, packet);
+}
+
 BOOST_AUTO_TEST_CASE(test_TSIG_different_name_same_algo) {
   DNSName tsigName("tsig.name");
   DNSName tsigAlgo("HMAC-MD5.SIG-ALG.REG.INT");