1575. [func] Log TSIG name on TSIG verify failure. [RT #4404]

2025-08-30 14:07:59 +00:00 · 2004-02-09 23:25:22 +00:00
parent 2558e3f25d
commit 80c5a37ddc
2 changed files with 17 additions and 7 deletions
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-1575.	[placeholder]	rt4404
+1575.	[func]		Log TSIG name on TSIG verify failure. [RT #4404]
 1574.	[placeholder]	rt9091
--- a/bin/named/client.c
+++ b/bin/named/client.c
@@ -15,7 +15,7 @@
 * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
-/* $Id: client.c,v 1.217 2003/10/25 00:09:13 jinmei Exp $ */
+/* $Id: client.c,v 1.218 2004/02/09 23:25:22 marka Exp $ */
 #include <config.h>
@@ -1456,17 +1456,27 @@ client_request(isc_task_t *task, isc_event_t *event) {
 	} else {
 		char tsigrcode[64];
 		isc_buffer_t b;
 		dns_name_t *name = NULL;
 		isc_buffer_init(&b, tsigrcode, sizeof(tsigrcode) - 1);
 		RUNTIME_CHECK(dns_tsigrcode_totext(client->message->tsigstatus,
 						   &b) == ISC_R_SUCCESS);
 		tsigrcode[isc_buffer_usedlength(&b)] = '\0';
 		/* There is a signature, but it is bad. */
 		if (dns_message_gettsig(client->message, &name) != NULL) {
 			char namebuf[DNS_NAME_FORMATSIZE];
 			dns_name_format(name, namebuf, sizeof(namebuf));
 			ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
 				      NS_LOGMODULE_CLIENT, ISC_LOG_ERROR,
 				      "request has invalid signature: "
 				      "TSIG %s: %s (%s)", namebuf,
 				      isc_result_totext(result), tsigrcode);
 		} else {
 			ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
 				      NS_LOGMODULE_CLIENT, ISC_LOG_ERROR,
 				      "request has invalid signature: %s (%s)",
-			      isc_result_totext(result),
+				      isc_result_totext(result), tsigrcode);
-			      tsigrcode);
+		}
 		/*
 		 * Accept update messages signed by unknown keys so that
 		 * update forwarding works transparently through slaves
`@@ -1,4 +1,4 @@`
	`1575. [placeholder] rt4404`	`1575. [func] Log TSIG name on TSIG verify failure. [RT #4404]`

	`1574. [placeholder] rt9091`	`1574. [placeholder] rt9091`