|
Message-Id: <5CEB8952-4884-4FA2-ACD9-1BA118D2CB50@rb67.eu> Date: Mon, 24 Aug 2020 22:39:30 +0200 From: Daniel Neri <dne+musl@...7.eu> To: musl@...ts.openwall.com Subject: Re: Incompatible behaviour of res_query(3) w.r.t. NXDOMAIN On 24 Aug 2020, at 18:43, Rich Felker <dalias@...c.org> wrote: > > Hmm, I think in this case the "better" might be sufficient that we > want to keep it and pressure other implementations to change too. A > program performing a lookup where the result is NxDomain may very well > want to know whether that's an authenticated (by DNSSEC) NxDomain or > one in an insecure zone. Returning an error to the caller with no > packet contents discards this critical data. In that case, it’d be better to add a new resolver API, or implement an already existing one that supports this usecase. The other implementations I mentioned also support option flags (in global state) that can change the behaviour. res_query(3) is almost as old as DNS itself — it doesn’t seem likely that everyone else, both libraries and applications, are going to make incompatible changes at this point. Regards, Daniel
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.