From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 7177 invoked by alias); 22 Oct 2010 14:51:43 -0000 Received: (qmail 7010 invoked by uid 22791); 22 Oct 2010 14:51:42 -0000 X-SWARE-Spam-Status: No, hits=2.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00,MISSING_MID,SARE_SPOOF_COM2COM,SARE_SPOOF_COM2OTH,SPOOF_COM2COM,SPOOF_COM2OTH X-Spam-Check-By: sourceware.org Received: from localhost (HELO sourceware.org) (127.0.0.1) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Fri, 22 Oct 2010 14:51:37 +0000 From: "vincent.viallet at gmail dot com" To: glibc-bugs@sources.redhat.com Subject: [Bug libc/12154] Can not resolve chained CNAME with a wildcard among the chained CNAME X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: vincent.viallet at gmail dot com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: In-Reply-To: References: X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Date: Fri, 22 Oct 2010 14:51:00 -0000 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org X-SW-Source: 2010-10/txt/msg00125.txt.bz2 Message-ID: <20101022145100.Ir_omUwyinl4iMOPvzxZmZr5vfUuoMnaV8X6TxF9P6E@z> http://sourceware.org/bugzilla/show_bug.cgi?id=12154 --- Comment #1 from Vincent Viallet 2010-10-22 14:51:29 UTC --- Quick discussion over IRC - with some of the extra tests performed ----------------------- [10:25pm] grawity: There are two separate rules for host names. [10:26pm] grawity: One is the DNS protocol: everything is allowed, except for null byte. * is an ordinary character. [10:26pm] grawity: (That's how Freenode cloaks could be spoofed; "/" is valid.) [10:26pm] grawity: The other is "hostnames" - those that point to actual machines. They are limited to A-Z a-z 0-9 and - _ [10:27pm] grawity: Since the function is called gethostbyname(), there's a chance it checks for the latter... [10:28pm] grawity: (Although I doubt it. gethostbyname() shouldn't even check immediate results, only final one) [10:28pm] balou_fr: ooh - so getting a * as a reply to a DNS request would be considered as invalid - since only a-zA-Z0-9_- are awaitend [10:29pm] grawity: actually, requesting * [10:29pm] grawity: But that's where I get confused. gethostbyname() does not request "*.live.com". [10:29pm] grawity: Microsoft's DNS server does the job of following CNAMEs. [10:31pm] balou_fr: it only appears to affect linux server - macos do not have this issue (didnt tested windows - none accessible) [10:32pm] balou_fr: well - it should request *.live.com -- it d fail but that s one of the issue of the Cnames [10:32pm] grawity: dig "*.live.com" [10:33pm] balou_fr: it does work [10:33pm] balou_fr: ;; ANSWER SECTION: [10:33pm] balou_fr: *.live.com.649INCNAMErds.live.com.nsatc.net. [10:33pm] balou_fr: rds.live.com.nsatc.net.132INA65.55.206.154 [10:33pm] grawity: Notice how both the CNAME and its target are under 'ANSWER' [10:33pm] balou_fr: but dig is pure DNS protocol [10:33pm] grawity: libc _shouldn't need_ to follow CNAMES -- it's alrady done by DNS server. [10:36pm] grawity: Testing 'dig chat.freenode.net' which is a CNAME: [10:36pm] grawity: 1.323094 snow.home -> fog.home DNS Standard query A irc.freenode.net [10:36pm] grawity: 1.425244 fog.home -> snow.home DNS Standard query response CNAME chat.freenode.net A 216.155.130.130 A 216.165.191.52 A 78.40.125.4 A 82.96.64.4 A 86.65.39.15 A 128.237.157.136 A 130.237.188.200 A 140.211.166.3 A 140.211.166.4 A 174.143.119.91 A 208.71.169.36 A 213.92.8.4 A 213.161.196.11 A 213.179.58.83 A 213.232.93.3 [10:37pm] balou_fr: non it s not - tcpdump show only 1 round trip [10:38pm] balou_fr: with all the CNAMEs in the reply [10:38pm] grawity: Testing with what - dig or...? [10:38pm] balou_fr: tcpdump on a terminal - ping (with failure) on another [10:40pm] grawity: Now just to make sure, I tested with the problematic domain [10:40pm] grawity: 88.389299 snow.home -> fog.home DNS Standard query A messenger.live.com [10:40pm] grawity: 88.489966 fog.home -> snow.home DNS Standard query response CNAME get.live.com CNAME *.live.com CNAME rds.live.com.nsatc.net A 65.55.60.123 [10:40pm] grawity: And now I really don't know why libc fails on it [10:40pm] grawity: Eh, they should react on that report soon. [10:43pm] balou_fr: also - do u mind if I attach part of this discussion in the Bug report ? [10:43pm] balou_fr: (filtered to only the relevant talk of course) [10:43pm] grawity: Sure. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.