mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-03 08:05:21 +00:00
Code Issues Releases Wiki Activity

Return REFUSED if GSSAPI is not configured

Browse Source 
Return REFUSED if neither a keytab nor a gssapi credential is
configured to GSSAPI/TKEY requests.
This commit is contained in:
Mark Andrews
2023-07-27 08:34:45 +10:00
parent 5342d6e97d
commit b5076014b9
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/dns/tkey.c
View File

@@ -194,7 +194,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin,
if (tctx->gsscred == NULL && tctx->gssapi_keytab == NULL) { if (tctx->gsscred == NULL && tctx->gssapi_keytab == NULL) {
tkey_log("process_gsstkey(): no tkey-gssapi-credential " tkey_log("process_gsstkey(): no tkey-gssapi-credential "
"or tkey-gssapi-keytab configured"); "or tkey-gssapi-keytab configured");
return (ISC_R_NOPERM); return (DNS_R_REFUSED);
} }
if (!dns_name_equal(&tkeyin->algorithm, DNS_TSIG_GSSAPI_NAME)) { if (!dns_name_equal(&tkeyin->algorithm, DNS_TSIG_GSSAPI_NAME)) {