negotiateContext: Use current key as fallback if Subkey is not sent

[ChristophKaser]

I tried to use bodgit/tsig (or rather kubernetes-sigs/external-dns, which uses miekg/dns, which uses bodgit/tsig) to perform dynamic DNS updates on a Samba Domain Controller (with a bind DNS backend).

This failed with "unknown or unsupported EType: 0", because the EncAPRepPart of the TKEY reply does not contain a Subkey.

According to https://www.rfc-editor.org/rfc/rfc4120#section-5.5.2 subkey is an optional field. If it is not sent, the session key from the ticket should be used.

With this change, updating DNS records in samba works.

[bodgit]

LGTM, I didn't spot this in the RFC although they are a bit heavy reading.

I want to update the versions of Go used in the tests so it's 1.19 and 1.18 and then I'll cut a new release with this fix in, which should hopefully be picked up by the external-dns project automatically.

[bodgit]

v1.2.1 is released with your fix, thanks again for your contribution.

[ChristophKaser]

Great, thank you very much for the fast merge and release! 30.10.2022 00:09:16 Matt Dainty ***@***.***>:

…

v1.2.1 is released with your fix, thanks again for your contribution. — Reply to this email directly, view it on GitHub[#86 (comment)], or unsubscribe[https://github.com/notifications/unsubscribe-auth/AB563QXKWAHGZR7JJX6U73TWFWOATANCNFSM6AAAAAARQZSP2A]. You are receiving this because you authored the thread.[Verfolgungsbild][https://github.com/notifications/beacon/AB563QWJIHPXNCW7ACRE24DWFWOATA5CNFSM6AAAAAARQZSP2CWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSNH5PCG.gif]