From 9b8f93083d7543baae86d6d078cb637cee14b4fc Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 11 Aug 2015 22:12:17 -0700 Subject: [PATCH] [master] fix tsig class checks 4171. [bug] Fixed incorrect class checks in TSIG RR implementation. [RT #40287] --- CHANGES | 3 +++ lib/dns/rdata/any_255/tsig_250.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index b182db0706..bb2fc405a2 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4171. [bug] Fixed incorrect class checks in TSIG RR + implementation. [RT #40287] + 4170. [security] An incorrect boundary check in the OPENPGPKEY rdatatype could trigger an assertion failure. [RT #40286] diff --git a/lib/dns/rdata/any_255/tsig_250.c b/lib/dns/rdata/any_255/tsig_250.c index 3f91f91c00..7c7bdce35b 100644 --- a/lib/dns/rdata/any_255/tsig_250.c +++ b/lib/dns/rdata/any_255/tsig_250.c @@ -529,8 +529,8 @@ freestruct_any_tsig(ARGS_FREESTRUCT) { dns_rdata_any_tsig_t *tsig = (dns_rdata_any_tsig_t *) source; REQUIRE(source != NULL); - REQUIRE(tsig->common.rdclass == 255); REQUIRE(tsig->common.rdtype == 250); + REQUIRE(tsig->common.rdclass == 255); if (tsig->mctx == NULL) return; @@ -586,7 +586,7 @@ static inline isc_boolean_t checknames_any_tsig(ARGS_CHECKNAMES) { REQUIRE(rdata->type == 250); - REQUIRE(rdata->rdclass == 250); + REQUIRE(rdata->rdclass == 255); UNUSED(rdata); UNUSED(owner);