[1389] fixed another bug in _send_message_with_last_soa(): TSIG len was

counted twice.

src/bin/xfrout/tests/xfrout_test.py.in

@@ -915,7 +915,29 @@ class TestXfroutSession(TestXfroutSessionBase):
         self.assertTrue(rrsets_equal(test_rr,
                                      r.get_section(Message.SECTION_ANSWER)[1]))
 
-    def test_reply_xfrout_query_axfr_maxlen_with_soa2(self):
+    def test_reply_xfrout_query_axfr_maxlen_with_soa_with_tsig(self):
+        # Similar to the previous case, but with TSIG.  In our test cases
+        # the size of the TSIG RR is 81 bytes (key name = example.com,
+        # algorithm = hmac-md5)
+        soa = RRset(Name('.'), RRClass.IN(), RRType.SOA(), RRTTL(3600))
+        soa.add_rdata(Rdata(RRType.SOA(), RRClass.IN(), '. . 0 0 0 0 0'))
+        self.mdata = self.create_request_data(zone_name=Name('.'))
+        self.xfrsess._soa = soa
+        self.xfrsess._tsig_ctx = self.create_mock_tsig_ctx(TSIGError.NOERROR)
+        self.xfrsess._tsig_len = 81
+        test_rr = create_generic(Name('.'), 65512 - 5 - 81 -
+                                 get_rrset_len(soa))
+        self.xfrsess._iterator = [soa, test_rr]
+        self.xfrsess._reply_xfrout_query(self.getmsg(), self.sock)
+        r, rlen = self.sock.read_msg(need_len=True)
+        self.assertEqual(65535, rlen)
+        self.assertEqual(2, r.get_rr_count(Message.SECTION_ANSWER))
+        self.assertTrue(rrsets_equal(soa,
+                                     r.get_section(Message.SECTION_ANSWER)[0]))
+        self.assertTrue(rrsets_equal(test_rr,
+                                     r.get_section(Message.SECTION_ANSWER)[1]))
+
+    def test_reply_xfrout_query_axfr_maxlen_with_endsoa(self):
         # Similar to the previous test, but the first message cannot contain
         # both SOA and the long RR due to the question section.  The second
         # message should be able to contain both.
@@ -933,6 +955,35 @@ class TestXfroutSession(TestXfroutSessionBase):
         r, rlen = self.sock.read_msg(need_len=True)
         self.assertEqual(65535, rlen)
         self.assertEqual(2, r.get_rr_count(Message.SECTION_ANSWER))
+        self.assertTrue(rrsets_equal(test_rr,
+                                     r.get_section(Message.SECTION_ANSWER)[0]))
+        self.assertTrue(rrsets_equal(soa,
+                                     r.get_section(Message.SECTION_ANSWER)[1]))
+
+    def test_reply_xfrout_query_axfr_maxlen_with_endsoa_with_tsig(self):
+        # Similar to the previous case, but with TSIG.  In our test cases
+        # the size of the TSIG RR is 81 bytes (key name = example.com,
+        # algorithm = hmac-md5)
+        soa = RRset(Name('.'), RRClass.IN(), RRType.SOA(), RRTTL(3600))
+        soa.add_rdata(Rdata(RRType.SOA(), RRClass.IN(), '. . 0 0 0 0 0'))
+        self.mdata = self.create_request_data(zone_name=Name('.'))
+        self.xfrsess._soa = soa
+        self.xfrsess._tsig_ctx = self.create_mock_tsig_ctx(TSIGError.NOERROR)
+        self.xfrsess._tsig_len = 81
+        test_rr = create_generic(Name('.'), 65512 - 81 - get_rrset_len(soa))
+        self.xfrsess._iterator = [soa, test_rr]
+        self.xfrsess._reply_xfrout_query(self.getmsg(), self.sock)
+        r = self.sock.read_msg()
+        self.assertEqual(1, r.get_rr_count(Message.SECTION_ANSWER))
+        self.assertTrue(rrsets_equal(soa,
+                                     r.get_section(Message.SECTION_ANSWER)[0]))
+        r, rlen = self.sock.read_msg(need_len=True)
+        self.assertEqual(65535, rlen)
+        self.assertEqual(2, r.get_rr_count(Message.SECTION_ANSWER))
+        self.assertTrue(rrsets_equal(test_rr,
+                                     r.get_section(Message.SECTION_ANSWER)[0]))
+        self.assertTrue(rrsets_equal(soa,
+                                     r.get_section(Message.SECTION_ANSWER)[1]))
 
     def test_reply_xfrout_query_axfr_toobigdata(self):
         # Similar to the 'maxlen' test, but the RR doesn't even fit in a

src/bin/xfrout/xfrout.py.in

@@ -549,8 +549,8 @@ class XfroutSession():
         with or without TSIG.  In theory this could be wrong if TSIG is
         stupidly large, but in practice this assumption should be reasonable.
         '''
-        if (message_upper_len + self._tsig_len + get_rrset_len(rrset_soa) >
-            XFROUT_MAX_MESSAGE_SIZE):
+        if message_upper_len + get_rrset_len(rrset_soa) > \
+                XFROUT_MAX_MESSAGE_SIZE:
             self._send_message(sock_fd, msg, self._tsig_ctx)
             msg = self._clear_message(msg)