From: Brian Wellington <source@isc.org>
Date: Tue, 25 Jul 2000 17:12:00 +0000 (+0000)
Subject: dns_dnssec_verifymessage should make sure that it's verifying with the right
X-Git-Tag: v9.2.0a1^10~33
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=969f24b04c0c2c02c2d104933d21a18c14979e47;p=thirdparty%2Fbind9.git

dns_dnssec_verifymessage should make sure that it's verifying with the right
key (which should be the case anyway, but it never hurts to check).  Also
fix a memory leak and change a few _tostruct() calls to not allocate memory.
---

diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c
index e5db778701f..1f8b6b0cd5b 100644
--- a/lib/dns/dnssec.c
+++ b/lib/dns/dnssec.c
@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: dnssec.c,v 1.43 2000/06/06 22:00:47 bwelling Exp $
+ * $Id: dnssec.c,v 1.44 2000/07/25 17:11:58 bwelling Exp $
  * Principal Author: Brian Wellington
  */
 
@@ -322,7 +322,7 @@ dns_dnssec_verify(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key,
 	REQUIRE(mctx != NULL);
 	REQUIRE(sigrdata != NULL && sigrdata->type == dns_rdatatype_sig);
 
-	ret = dns_rdata_tostruct(sigrdata, &sig, mctx);
+	ret = dns_rdata_tostruct(sigrdata, &sig, NULL);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);
 
@@ -599,6 +599,7 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) {
 
 	isc_buffer_init(&sigbuf, sig.signature, sig.siglen);
 	RETERR(dst_context_sign(ctx, &sigbuf));
+	dst_context_destroy(&ctx);
 
 	rdata = NULL;
 	RETERR(dns_message_gettemprdata(msg, &rdata));
@@ -671,7 +672,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
 	RETERR(dns_rdataset_first(msg->sig0));
 	dns_rdataset_current(msg->sig0, &rdata);
 
-	RETERR(dns_rdata_tostruct(&rdata, &sig, mctx));
+	RETERR(dns_rdata_tostruct(&rdata, &sig, NULL));
 	signeedsfree = ISC_TRUE;
 
 	if (sig.labels != 0) {
@@ -691,7 +692,11 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
 		goto failure;
 	}
 
-	/* XXXBEW ensure that sig.signer refers to this key */
+	if (!dns_name_equal(dst_key_name(key), &sig.signer)) {
+		result = DNS_R_SIGINVALID;
+		msg->sig0status = dns_tsigerror_badkey;
+		goto failure;
+	}
 
 	RETERR(dst_context_create(key, mctx, &ctx));
 
@@ -751,6 +756,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
 
 	msg->verified_sig = 1;
 
+	dst_context_destroy(&ctx);
 	dns_rdata_freestruct(&sig);
 
 	return (ISC_R_SUCCESS);
diff --git a/lib/dns/include/dns/dnssec.h b/lib/dns/include/dns/dnssec.h
index 0b5fc371d72..ec65672aa33 100644
--- a/lib/dns/include/dns/dnssec.h
+++ b/lib/dns/include/dns/dnssec.h
@@ -15,7 +15,7 @@
  * SOFTWARE.
  */
 
-/* $Id: dnssec.h,v 1.15 2000/06/22 21:55:37 tale Exp $ */
+/* $Id: dnssec.h,v 1.16 2000/07/25 17:12:00 bwelling Exp $ */
 
 #ifndef DNS_DNSSEC_H
 #define DNS_DNSSEC_H 1
@@ -154,6 +154,8 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
  *		ISC_R_SUCCESS
  *		ISC_R_NOMEMORY
  *		ISC_R_NOTFOUND - no SIG(0) was found
+ *		DNS_R_SIGINVALID - the SIG record is not well-formed or
+ *				   was not generated by the key.
  *		DST_R_*
  */