Commit 991322a2 authored by Brian Wellington's avatar Brian Wellington
Browse files

A TSIG record's class should be ANY, not that of the question

parent f3b5ca5a
......@@ -928,6 +928,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx,
* section, bail.
*/
if (msg->opcode != dns_opcode_update
&& rdtype != dns_rdatatype_tsig
&& msg->rdclass != rdclass)
return (DNS_R_FORMERR);
......@@ -938,6 +939,8 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx,
if (rdtype == dns_rdatatype_tsig) {
if (sectionid != DNS_SECTION_ADDITIONAL)
return (DNS_R_FORMERR);
if (rdclass != dns_rdataclass_any)
return (DNS_R_FORMERR);
section = &msg->sections[DNS_SECTION_TSIG];
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment