Commit 9cc0c06c authored by Michal 'vorner' Vaner's avatar Michal 'vorner' Vaner
Browse files

[trac931] Sign even when error

parent b8da5496
......@@ -478,9 +478,8 @@ AuthSrv::processMessage(const IOMessage& io_message, MessagePtr message,
bool sendAnswer = true;
if (tsig_error != TSIGError::NOERROR()) {
// TODO We need to add a TSIG but with 0-length signature
makeErrorMessage(message, buffer, tsig_error.toRcode(),
impl_->verbose_mode_);
impl_->verbose_mode_, tsig_context);
} else if (message->getOpcode() == Opcode::NOTIFY()) {
sendAnswer = impl_->processNotify(io_message, message, buffer,
tsig_context);
......
......@@ -309,8 +309,8 @@ TEST_F(AuthSrvTest, TSIGSignedNoKey) {
const TSIGRecord* tsig = m.getTSIGRecord();
ASSERT_TRUE(tsig) <<
"Missing TSIG signature (we should have one even at error)";
// TODO It should have been signed by zero-length key. Should we
// check that somehow?
EXPECT_EQ(0, tsig->getRdata().getMACSize()) <<
"It should be unsigned with this error";
}
// Give the server a signed request, but signed by a different key
......@@ -341,8 +341,8 @@ TEST_F(AuthSrvTest, TSIGBadSig) {
const TSIGRecord* tsig = m.getTSIGRecord();
ASSERT_TRUE(tsig) <<
"Missing TSIG signature (we should have one even at error)";
// TODO It should have been signed by zero-length key. Should we
// check that somehow?
EXPECT_EQ(0, tsig->getRdata().getMACSize()) <<
"It should be unsigned with this error";
}
TEST_F(AuthSrvTest, AXFRConnectFail) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment