Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200824221343.GO3265@brightrain.aerifal.cx>
Date: Mon, 24 Aug 2020 18:13:43 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Incompatible behaviour of res_query(3) w.r.t. NXDOMAIN

On Tue, Aug 25, 2020 at 12:04:44AM +0200, Florian Weimer wrote:
> * Rich Felker:
> 
> > On Mon, Aug 24, 2020 at 11:04:49PM +0200, Florian Weimer wrote:
> >> * Rich Felker:
> >> 
> >> > Hmm, I think in this case the "better" might be sufficient that we
> >> > want to keep it and pressure other implementations to change too. A
> >> > program performing a lookup where the result is NxDomain may very well
> >> > want to know whether that's an authenticated (by DNSSEC) NxDomain or
> >> > one in an insecure zone. Returning an error to the caller with no
> >> > packet contents discards this critical data.
> >> 
> >> Isn't this the behavior you'd get with res_send?
> >> 
> >> I think such error translation is precisely the point of the res_query
> >> convenience function (along with the implicit construction of the
> >> query packet).
> >
> > Does such a distinction exist?
> 
> Yes, I think so.  It's the behavior of the BIND 4 era stub resolver
> code.

OK. The man pages (and glibc docs? not sure) don't seem to document
this, so we should probably try to get them fixed too. The closest I
can find is the text that:

    "In the case of an error return from res_nquery(), res_query(),
    res_nsearch(), res_search(), res_nquerydomain(), or
    res_querydomain(), the global variable h_errno (see
    gethostbyname(3)) can be consulted to determine the cause of the
    error."

which could be interpreted as saying the same errors are specified to
happen (does this mean NODATA shoudl also be an error rather than a
success return?), but it doesn't make clear that nxdomain and noerror
are not errors for res_send etc.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.