[v9_9] fix tsig class checks

author Evan Hunt <each@isc.org>

Wed, 12 Aug 2015 05:12:44 +0000 (22:12 -0700)

committer Evan Hunt <each@isc.org>

Wed, 12 Aug 2015 05:17:24 +0000 (22:17 -0700)
author Evan Hunt <each@isc.org>
Wed, 12 Aug 2015 05:12:44 +0000 (22:12 -0700)
committer Evan Hunt <each@isc.org>
Wed, 12 Aug 2015 05:17:24 +0000 (22:17 -0700)
diff --git a/CHANGES b/CHANGES

index 8ca8f5cac203fc31028c1c14bba6e49e86d0c22f..04340af055574668ba9e448355cc0f1cae4704cf 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4171.  [bug]           Fixed incorrect class checks in TSIG RR
+                       implementation. [RT #40287]
+
  4170.  [security]      An incorrect boundary check in the OPENPGPKEY
                         rdatatype could trigger an assertion failure.
                         [RT #40286]
diff --git a/lib/dns/rdata/any_255/tsig_250.c b/lib/dns/rdata/any_255/tsig_250.c

index 3f91f91c009a9c19f842da87958add76ffd9f539..7c7bdce35ba94e7cb282b074d359de53fa62d732 100644 (file)
--- a/lib/dns/rdata/any_255/tsig_250.c
+++ b/lib/dns/rdata/any_255/tsig_250.c
@@ -529,8 +529,8 @@ freestruct_any_tsig(ARGS_FREESTRUCT) {
         dns_rdata_any_tsig_t *tsig = (dns_rdata_any_tsig_t *) source;
  
         REQUIRE(source != NULL);
-       REQUIRE(tsig->common.rdclass == 255);
         REQUIRE(tsig->common.rdtype == 250);
+       REQUIRE(tsig->common.rdclass == 255);
  
         if (tsig->mctx == NULL)
                 return;
@@ -586,7 +586,7 @@ static inline isc_boolean_t
  checknames_any_tsig(ARGS_CHECKNAMES) {
  
         REQUIRE(rdata->type == 250);
-       REQUIRE(rdata->rdclass == 250);
+       REQUIRE(rdata->rdclass == 255);
  
         UNUSED(rdata);
         UNUSED(owner);
author	Evan Hunt <each@isc.org>
	Wed, 12 Aug 2015 05:12:44 +0000 (22:12 -0700)
committer	Evan Hunt <each@isc.org>
	Wed, 12 Aug 2015 05:17:24 +0000 (22:17 -0700)
CHANGES		patch \| blob \| blame \| history
lib/dns/rdata/any_255/tsig_250.c		patch \| blob \| blame \| history