NetBSD-Bugs archive


lib/49138: "libdns" cannot use "hmac-sha512" keys



>Number:         49138
>Category:       lib
>Synopsis:       "libdns" cannot use "hmac-sha512" keys
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 21 21:35:00 +0000 2014
>Originator:     Matthias Scheler
>Release:        NetBSD 7.0_BETA 2014-08-20 sources
>Organization:
Matthias Scheler                                 https://zhadum.org.uk/
>Environment:
System: NetBSD colwyn.zhadum.org.uk 7.0_BETA NetBSD 7.0_BETA (GENERIC) #0: Wed Aug 20 13:44:09 BST 2014 tron%lyssa.zhadum.org.uk@localhost:/export/scratch/tron/obj/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
Since upgrading from NetBSD 6.1_STABLE to 7.0_BETA dhcpd(8) can no longer
use my "hmac-sha512" DNS key to sign updates for DNS zones. It logs the
following error during status:

Aug 21 18:50:33 colwyn dhcpd: Unable to create tsec structure for zhadum.intern

I've also got problems with "nsupdate" which also can no longer use a
(different) "hmac-sha512" key:

; TSIG error with server: tsig indicates error
update failed: NOTAUTH(BADSIG)
; TSIG error with server: tsig indicates error
update failed: NOTAUTH(BADSIG)
; TSIG error with server: tsig indicates error
update failed: NOTAUTH(BADSIG)
; TSIG error with server: tsig indicates error
update failed: NOTAUTH(BADSIG)
; TSIG error with server: tsig indicates error
update failed: NOTAUTH(BADSIG)

Both programs worked fine under NetBSD 6.1_STABLE. "/usr/pkg/bin/nsupdate"
which does *not* use NetBSD 7.0_BETA's "libdns" also works fine.

I don't think it matters, but the name server is BIND 9.10 from *pkgsrc*.

>How-To-Repeat:
Configure dhcpd(8) to use a "hmac-sha512" DNS key.

>Fix:
Not known.


