TSIG: fix possible weakness in signature checking
Use binary comparison instead of string comparison for the received MAC. The transaction signature was checked only partially if the MAC contained a zero byte. If this was the very first byte of the signature, the checking didn't happen at all. In addition, possible ASCII characters in the MAC were compared case-insensitively.
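The failure modes named in the commit message, shown as an added example that is not the project's own code. It assumes the old string comparison behaved like `strncasecmp`; the function names and the 8-byte sample values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <strings.h>

/* Flawed check (assumed form): a case-insensitive C string comparison.
 * It stops at the first zero byte and treats 'a' and 'A' as equal. */
int mac_equal_string(const uint8_t *rx, const uint8_t *calc, size_t len)
{
    return strncasecmp((const char *)rx, (const char *)calc, len) == 0;
}

/* Binary check: lengths must match and every byte is compared.
 * The loop has no early exit; that part is an addition in this example,
 * the commit message itself only says "binary comparison". */
int mac_equal_binary(const uint8_t *rx, size_t rx_len,
                     const uint8_t *calc, size_t calc_len)
{
    if (rx_len != calc_len) {
        return 0;
    }
    uint8_t diff = 0;
    for (size_t i = 0; i < calc_len; i++) {
        diff |= rx[i] ^ calc[i];
    }
    return diff == 0;
}

/* Constructed sample values, not real TSIG MACs. */
static const uint8_t CALC[8]     = {0x41, 0x9c, 0x00, 0x17, 0x62, 0xe3, 0x5a, 0x08};
static const uint8_t TAIL_BAD[8] = {0x41, 0x9c, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff};
static const uint8_t CASE_BAD[8] = {0x61, 0x9c, 0x00, 0x17, 0x62, 0xe3, 0x5a, 0x08};
static const uint8_t CALC0[8]    = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77};
static const uint8_t ALL_BAD[8]  = {0x00, 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe};

int main(void)
{
    printf("bytes differ after a zero byte: string=%d binary=%d\n",
           mac_equal_string(TAIL_BAD, CALC, 8), mac_equal_binary(TAIL_BAD, 8, CALC, 8));
    printf("first byte differs only in case: string=%d binary=%d\n",
           mac_equal_string(CASE_BAD, CALC, 8), mac_equal_binary(CASE_BAD, 8, CALC, 8));
    printf("zero first byte, rest differs:  string=%d binary=%d\n",
           mac_equal_string(ALL_BAD, CALC0, 8), mac_equal_binary(ALL_BAD, 8, CALC0, 8));
    return 0;
}
```

In each of the three cases the string comparison reports a match for a MAC that differs from the computed one, while the binary comparison rejects it.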