14 years ago · 9cc0c06cac
--- a/src/bin/auth/auth_srv.cc
+++ b/src/bin/auth/auth_srv.cc
@@ -478,9 +478,8 @@ AuthSrv::processMessage(const IOMessage& io_message, MessagePtr message,
 
				 
			
 
				     bool sendAnswer = true;
			
 
				     if (tsig_error != TSIGError::NOERROR()) {
			
 
				-        // TODO We need to add a TSIG but with 0-length signature
			
 
				         makeErrorMessage(message, buffer, tsig_error.toRcode(),
			
 
				-                         impl_->verbose_mode_);
			
 
				+                         impl_->verbose_mode_, tsig_context);
			
 
				     } else if (message->getOpcode() == Opcode::NOTIFY()) {
			
 
				         sendAnswer = impl_->processNotify(io_message, message, buffer,
			
 
				                                           tsig_context);
			
--- a/src/bin/auth/tests/auth_srv_unittest.cc
+++ b/src/bin/auth/tests/auth_srv_unittest.cc
@@ -309,8 +309,8 @@ TEST_F(AuthSrvTest, TSIGSignedNoKey) {
 
				     const TSIGRecord* tsig = m.getTSIGRecord();
			
 
				     ASSERT_TRUE(tsig) <<
			
 
				         "Missing TSIG signature (we should have one even at error)";
			
 
				-    // TODO It should have been signed by zero-length key. Should we
			
 
				-    // check that somehow?
			
 
				+    EXPECT_EQ(0, tsig->getRdata().getMACSize()) <<
			
 
				+        "It should be unsigned with this error";
			
 
				 }
			
 
				 
			
 
				 // Give the server a signed request, but signed by a different key
			
@@ -341,8 +341,8 @@ TEST_F(AuthSrvTest, TSIGBadSig) {
 
				     const TSIGRecord* tsig = m.getTSIGRecord();
			
 
				     ASSERT_TRUE(tsig) <<
			
 
				         "Missing TSIG signature (we should have one even at error)";
			
 
				-    // TODO It should have been signed by zero-length key. Should we
			
 
				-    // check that somehow?
			
 
				+    EXPECT_EQ(0, tsig->getRdata().getMACSize()) <<
			
 
				+        "It should be unsigned with this error";
			
 
				 }
			
 
				 
			
 
				 TEST_F(AuthSrvTest, AXFRConnectFail) {