Opened 8 years ago

Closed 6 years ago

#1164 closed enhancement (wontfix)

TSIG ACL should avoid matching TSIG key without validation

Reported by: jinmei Owned by:
Priority: medium Milestone: DNS Outstanding Tasks
Component: ACL Version:
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DNS Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no

Description

This is an open issue carried over from #1104.

See the discussion at around
http://bind10.isc.org/ticket/1104#comment:10 (look for "possilbe open
issue") and its follow ups.

We should resolve this to make the operation safer. It may require
some modifications to libdns++ TSIG APIs.

Subtickets

Change History (3)

comment:1 Changed 8 years ago by jinmei

  • Component changed from Unclassified to ACL

comment:2 Changed 6 years ago by stephen

  • Milestone set to DNS Outstanding Tasks

comment:3 Changed 6 years ago by tomek

  • Resolution set to wontfix
  • Status changed from new to closed

DNS and BIND10 framework is outside of scope for Kea project.
The corresponding code has been removed from Kea git repository.
If you want to follow up on DNS or former BIND10 issues, see
http://bundy-dns.de project.

Closing ticket.

Note: See TracTickets for help on using tickets.