> On 22 Jun 2018, at 1:48 am, Mukund Sivaraman <m...@mukund.org> wrote: > > On Fri, Jun 22, 2018 at 01:09:14AM +1000, Mark Andrews wrote: >>> So how should the DNS cookies be implemented? IMHO if one server uses >>> https://tools.ietf.org/html/rfc7873#appendix-B.1 >>> and another server uses https://tools.ietf.org/html/rfc7873#appendix-B.2, >>> then it's not interoperable. >>> Actually the upcoming Knot DNS 2.7 implemented "B.1" using Siphash instead >>> of FNV. Bind probably implemented B.2. >>> Are both implementations correct? >> >> Well you are free to inspect the code to ensure that it behaves the way >> we said it did. The code is in lib/ns/client.c:compute_cookie. Older >> branches that is bin/named/client.c:compute_cookie > > Mark, can you check the code in the compute_cookie() vs. RFC 7873 section B.2? > > RFC 7873 says: > > hash = > HMAC-SHA256-64( Server Secret, > (Client Cookie | Nonce | Time | Client IP Address) ) > > compute_cookie() seems to perform: > > HMAC-SHA256-64( Server Secret, > (Client Cookie | Nonce | Time | Client IP Address |Client > Cookie) ) > > Both process_cookie() and ns_client_addopt() use the same > compute_cookie() to generate and verify, so it would be hard to spot > this. > > Mukund
Looks like a bug. Will remove the second Client Cookie. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
