I find that this bug continues to exist in isc-dhcpd-4.2.4.
Also, it affects not only HMAC-SHA256, but HMAC-SHA{1,224,256,384,512}.
The only working algorithm is HMAC-MD5, which we don't want to use for
obvious reasons.
If another algorithm is specified, the server prints to the syslog that
it is "Unable to create tsec structure for %s", and all future DNS
updates are sent only unauthenticated, and are not retried after being
refused. It no longer reports "bad DNS key", but it does warn that the
tsec is missing each time it attempts an update.
** Tags removed: natty
** Tags added: saucy
** Changed in: isc-dhcp (Ubuntu)
Status: Expired => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/797356
Title:
dhcp server does not support HMAC-SHA256
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/797356/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
