mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 14:35:26 +00:00
Code Issues Releases Wiki Activity

Restore the ability to read legacy K*+157+* files

Browse Source 
The ability to read legacy HMAC-MD5 K* keyfile pairs using algorithm
number 157 was accidentally lost when the algorithm numbers were
consolidated into a single block, in commit
09f7e0607a.

The assumption was that these algorithm numbers were only known
internally, but they were also used in key files. But since HMAC-MD5
got renumbered from 157 to 160, legacy HMAC-MD5 key files no longer
work.

Move HMAC-MD5 back to 157 and GSSAPI back to 160.  Add exception for
GSSAPI to list_hmac_algorithms.
This commit is contained in:
Mark Andrews
2023-06-19 14:17:14 +10:00
parent 4320c1f345
commit 3f93d3f757
4 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bin/named/main.c
View File

@@ -484,6 +484,9 @@ list_hmac_algorithms(isc_buffer_t *b) {
for (dst_algorithm_t i = DST_ALG_HMAC_FIRST; i <= DST_ALG_HMAC_LAST;
i++)
{
if (i == DST_ALG_GSSAPI) {
continue;
}
if (dst_algorithm_supported(i)) {
isc_buffer_putstr(b, " ");
isc_buffer_putstr(b, dst_hmac_algorithm_totext(i));