Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200824213215.GL3265@brightrain.aerifal.cx>
Date: Mon, 24 Aug 2020 17:32:15 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Incompatible behaviour of res_query(3) w.r.t. NXDOMAIN

On Mon, Aug 24, 2020 at 11:04:49PM +0200, Florian Weimer wrote:
> * Rich Felker:
> 
> > Hmm, I think in this case the "better" might be sufficient that we
> > want to keep it and pressure other implementations to change too. A
> > program performing a lookup where the result is NxDomain may very well
> > want to know whether that's an authenticated (by DNSSEC) NxDomain or
> > one in an insecure zone. Returning an error to the caller with no
> > packet contents discards this critical data.
> 
> Isn't this the behavior you'd get with res_send?
> 
> I think such error translation is precisely the point of the res_query
> convenience function (along with the implicit construction of the
> query packet).

Does such a distinction exist? I thought res_query was just equivalent
to res_mkquery+res_send and that calling res_send directly would get
you the same errors. If they are different then I suspect some
applications are doing the wrong thing calling res_query here and
should be using res_mkquery+res_send...

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.