From paul at xelerance.com  Mon Jan 10 23:44:05 2011
From: paul at xelerance.com (Paul Wouters)
Date: Mon, 10 Jan 2011 18:44:05 -0500 (EST)
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To: <20101215205423.GB17427@miek.nl>
References: <20101214131018.GA15432@miek.nl> <4D078495.7000802@nlnetlabs.nl> <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl>
Message-ID:

Hi,

While digging through a large customer zone, I found a few hostnames that contained
0xffffffff characters. Usually the hostname would be just those characters. Via AXFR
you see these as \255\255\255[...]

Doing some googling I surprisingly did find mention of these in some RFCs, so I
guess these are legal (if buggy and unwise) characters.

So should ldns-read-zone accept these as valid? :)

Paul
ps. if anyone knows what buggy software generates these dynamic updates, I'd be
interested in knowing.

From wouter at NLnetLabs.nl  Tue Jan 11 08:44:47 2011
From: wouter at NLnetLabs.nl (W.C.A. Wijngaards)
Date: Tue, 11 Jan 2011 09:44:47 +0100
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To:
References: <20101214131018.GA15432@miek.nl> <4D078495.7000802@nlnetlabs.nl> <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl>
Message-ID: <4D2C187F.8080206@nlnetlabs.nl>

Hi Paul,

On 01/11/2011 12:44 AM, Paul Wouters wrote:
> While digging through a large customer zone, I found a few hostnames
> that contained
> 0xffffffff characters. Usually the hostname would be just those
> characters. Via AXFR
> you see these as \255\255\255[...]

This works fine for me:
\255\255\255\255. 3600 IN A 192.0.2.1

What is the input that fails?

> Doing some googling I surprisingly did find mention of these in some
> RFCs, so I
> guess these are legal (if buggy and unwise) characters.
>
> So should ldns-read-zone accept these as valid? :)

Yes, it works for me.

> Paul
> ps. if anyone knows what buggy software generates these dynamic updates,
> I'd be
> interested in knowing.

Best regards,
Wouter

From paul at xelerance.com  Tue Jan 11 18:44:38 2011
From: paul at xelerance.com (Paul Wouters)
Date: Tue, 11 Jan 2011 13:44:38 -0500 (EST)
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To: <4D2C187F.8080206@nlnetlabs.nl>
References: <20101214131018.GA15432@miek.nl> <4D078495.7000802@nlnetlabs.nl> <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl> <4D2C187F.8080206@nlnetlabs.nl>
Message-ID:

On Tue, 11 Jan 2011, W.C.A. Wijngaards wrote:

>> While digging through a large customer zone, I found a few hostnames
>> that contained
>> 0xffffffff characters. Usually the hostname would be just those
>> characters. Via AXFR
>> you see these as \255\255\255[...]
>
> This works fine for me:
> \255\255\255\255. 3600 IN A 192.0.2.1
>
> What is the input that fails?

Below are 4 records. The middle two fail.

9z8m9432.xxxx.xx.xxx.com. 3600 IN A 10.xx.xx.55
\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN TXT "3188a04aecf2e812b6d4a95e6c13ee563f"
\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN A 10.xx.xx.31
b28m9435.xxxx.xx.xxx.com. 3600 IN TXT "31ddf5714dd59e9d6d385fd839c86dd044"

Note that, like reported before I think the line number reported is off by one :)

Paul

From miek at miek.nl  Tue Jan 11 19:13:05 2011
From: miek at miek.nl (Miek Gieben)
Date: Tue, 11 Jan 2011 20:13:05 +0100
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To:
References: <20101214131018.GA15432@miek.nl> <4D078495.7000802@nlnetlabs.nl> <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl> <4D2C187F.8080206@nlnetlabs.nl>
Message-ID: <20110111191305.GB28069@miek.nl>

[ Quoting Paul Wouters in "Re: [ldns-users] oxffffffff in dns "... ]
> Below are 4 records. The middle two fail.
>
> 9z8m9432.xxxx.xx.xxx.com. 3600 IN A 10.xx.xx.55
> \255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN TXT "3188a04aecf2e812b6d4a95e6c13ee563f"
> \255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN A 10.xx.xx.31
> b28m9435.xxxx.xx.xxx.com. 3600 IN TXT "31ddf5714dd59e9d6d385fd839c86dd044"

ldns decides the records are too long:
(59 x \255)
\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN TXT "3188a04aecf2e812b6d4a95e6c13ee563f"

works, 1 more doesn't:
(60 x \255)
\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN TXT "3188a04aecf2e812b6d4a95e6c13ee563f"

> Note that, like reported before I think the line number reported is off
> by one :)

I see that too, but ONLY if I have an empty line after the line
containing the error:

Syntax error, could not parse the RR at 4

9z8m9432.xxxx.xx.xxx.com. 86400 IN SOA elektron.atoom.net. miekg.atoom.net. 2009032802 21600 7200 604800 3600
9z8m9432.xxxx.xx.xxx.com. 3600 IN A 10.5.3.55
\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255\255.xxxx.xx.xxx.com. 3600 IN TXT "3188a04aecf2e812b6d4a95e6c13ee563f"

b28m9435.xxxx.xx.xxx.com. 3600 IN TXT "31ddf5714dd59e9d6d385fd839c86dd044"

Removing the empty line:

Syntax error, could not parse the RR at 3

(all done with ldns-1.6.4)

grtz,

--
Miek

From miek at miek.nl  Tue Jan 11 19:23:32 2011
From: miek at miek.nl (Miek Gieben)
Date: Tue, 11 Jan 2011 20:23:32 +0100
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To: <20110111191305.GB28069@miek.nl>
References: <4D078495.7000802@nlnetlabs.nl> <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl> <4D2C187F.8080206@nlnetlabs.nl> <20110111191305.GB28069@miek.nl>
Message-ID: <20110111192332.GA1041@miek.nl>

[ Quoting Miek Gieben in "Re: [ldns-users] oxffffffff in dns "... ]
> ldns decides the records are too long:
> (59 x \255)
>
> works, 1 more doesn't:
> (60 x \255)
>

str2host.c

    len = strlen((char*)str);
    /* octet representation can make strings a lot longer than actual length */
    if (len > LDNS_MAX_DOMAINLEN * 4) {
        return LDNS_STATUS_DOMAINNAME_OVERFLOW;
    }

grtz, Miek

From edmonds at debian.org  Tue Jan 11 19:31:11 2011
From: edmonds at debian.org (Robert Edmonds)
Date: Tue, 11 Jan 2011 14:31:11 -0500
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To: <20110111192332.GA1041@miek.nl>
References: <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl> <4D2C187F.8080206@nlnetlabs.nl> <20110111191305.GB28069@miek.nl> <20110111192332.GA1041@miek.nl>
Message-ID: <20110111193111.GA15986@mycre.ws>

Miek Gieben wrote:
>     len = strlen((char*)str);
>     /* octet representation can make strings a lot longer than actual length */
>     if (len > LDNS_MAX_DOMAINLEN * 4) {
>         return LDNS_STATUS_DOMAINNAME_OVERFLOW;
>     }

ldns/rr.h:#define LDNS_MAX_DOMAINLEN 255

255 * 4 is 1020.

from libbind ,

#define NS_MAXDNAME 1025 /*%< maximum domain name (presentation format)*/

i don't recall off-hand the math to come up with the 1025 value...

--
Robert Edmonds
edmonds at debian.org

From wouter at NLnetLabs.nl  Wed Jan 12 08:31:16 2011
From: wouter at NLnetLabs.nl (W.C.A. Wijngaards)
Date: Wed, 12 Jan 2011 09:31:16 +0100
Subject: [ldns-users] oxffffffff in dns records cause a syntax error in ldns-read-zone
In-Reply-To: <20110111193111.GA15986@mycre.ws>
References: <20101215115324.GA19426@miek.nl> <4D08AE68.1060503@nlnetlabs.nl> <20101215143120.GC19426@miek.nl> <4D08E728.4070809@nlnetlabs.nl> <20101215205423.GB17427@miek.nl> <4D2C187F.8080206@nlnetlabs.nl> <20110111191305.GB28069@miek.nl> <20110111192332.GA1041@miek.nl> <20110111193111.GA15986@mycre.ws>
Message-ID: <4D2D66D4.2010509@nlnetlabs.nl>

Hi,

On 01/11/2011 08:31 PM, Robert Edmonds wrote:
> Miek Gieben wrote:
>>     len = strlen((char*)str);
>>     /* octet representation can make strings a lot longer than actual length */
>>     if (len > LDNS_MAX_DOMAINLEN * 4) {
>>         return LDNS_STATUS_DOMAINNAME_OVERFLOW;
>>     }
>
> ldns/rr.h:#define LDNS_MAX_DOMAINLEN 255
>
> 255 * 4 is 1020.
>
> from libbind ,
>
> #define NS_MAXDNAME 1025 /*%< maximum domain name (presentation format)*/
>
> i don't recall off-hand the math to come up with the 1025 value...

I would argue that the ldns 4*255 is correct. The max wireformat domain
name length including label-count-values and end-root-label is 255
(because 1034 says so and because that fits into a single octet). Thus
its representation cannot be longer than 255 * '\123'.

Actually even a little shorter since the final root label would be a '.'
and thus not 4 characters in its representation, and other label-divisor
dots would also be short dots. And since labels can be 63 characters at
most and then require a dot to terminate the label, it is actually again
a couple characters shorter.

So the longest representation domain name has few labels (because dots
are so short), 256/64 is 4 labels. Of the 255 octets on the wire, 4 are
label lengths and one is the end root label, leaving 251 octets that
need '\123' representation, for a maximum length of 251*4 + 5 = 1009.

Best regards,
Wouter

From matthijs at NLnetLabs.nl  Mon Jan 24 14:49:14 2011
From: matthijs at NLnetLabs.nl (Matthijs Mekking)
Date: Mon, 24 Jan 2011 15:49:14 +0100
Subject: [ldns-users] ldns 1.6.8 released
In-Reply-To: <4CD7DEE0.40108@nlnetlabs.nl>
References: <4CD7DEE0.40108@nlnetlabs.nl>
Message-ID: <4D3D916A.1050509@nlnetlabs.nl>

Hi,

ldns 1.6.8 is out.

Best regards,
Matthijs Mekking

link: http://www.nlnetlabs.nl/downloads/ldns/ldns-1.6.8.tar.gz
sha1: e736160f36b7dcc0303269d3c0a9be88b7ad10c4

Changelog:
* Fix ldns zone, so that $TTL definition match RFC 2308.
* Fix lots of missing checks on allocation failures and parse of
  NSEC with many types and max parse length in hosts_frm_fp routine
  and off by one in read_anchor_file routine (thanks Dan Kaminsky
  and Justin Ferguson).
* bugfix #355: Drill: Print both SHA-1 and SHA-256 corresponding
  DS records.
* Print correct WHEN in query packet (is not always 1-1-1970)
* ldns-test-edns: new example tool that detects EDNS support.
* fix ldns_resolver_send without openssl.
* bugfix #342: patch for support for more CERT key types (RFC4398).
* bugfix #351: fix udp_send hang if UDP checksum error.
* fix set_bit (from NSEC3 sign) patch from Jan Komissar.
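
The length question in the oxffffffff thread above (presentation text with \DDD escapes versus octets on the wire), as an added example that is not ldns code and not from any poster. dname_wire_len and append_ff_label are hypothetical helpers and the sample name is constructed; the example measures a name by its decoded wire length (63 octets per label, 255 per name) rather than by the length of its text form.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define MAX_WIRE_NAME 255 /* value of LDNS_MAX_DOMAINLEN quoted in the thread */
#define MAX_LABEL      63 /* longest single label, in octets */
/* Hypothetical helper (not an ldns function): wire-format length of a
 * presentation-format name, or -1 if an escape, a label or the name is invalid. */
int dname_wire_len(const char *s)
{
    int total = 1, label = 0, w = 1;    /* total starts with the root label */
    if (strcmp(s, ".") == 0) return total;
    for (; *s; s += w, w = 1) {         /* w = text characters consumed */
        if (*s == '.') {                /* unescaped dot ends a label */
            if (label == 0) return -1;  /* empty label */
            total += 1 + label;         /* length octet + data octets */
            label = 0;
            continue;
        }
        if (*s == '\\') {
            if (s[1] == '\0') return -1;            /* dangling backslash */
            w = 2;                                  /* \X: one literal octet */
            if (isdigit((unsigned char)s[1])) {     /* \DDD: one octet, 0..255 */
                if (!isdigit((unsigned char)s[2]) || !isdigit((unsigned char)s[3]) ||
                    (s[1] - '0') * 100 + (s[2] - '0') * 10 + (s[3] - '0') > 255)
                    return -1;
                w = 4;
            }
        }
        if (++label > MAX_LABEL) return -1;         /* label over 63 octets */
    }
    if (label > 0) total += 1 + label;  /* name written without final dot */
    return total > MAX_WIRE_NAME ? -1 : total;
}

/* Appends one label of n 0xff octets, escaped as \255, plus a dot.
 * The caller provides a buffer large enough for the result. */
void append_ff_label(char *buf, int n)
{
    while (n-- > 0) strcat(buf, "\\255");
    strcat(buf, ".");
}

int main(void)
{
    char name[2048] = "";               /* constructed sample input */
    append_ff_label(name, 60);
    strcat(name, "xxxx.xx.xxx.com.");
    printf("text=%zu wire=%d\n", strlen(name), dname_wire_len(name));
    return 0;
}
```

For the constructed 60 x \255 name this reports 257 characters of text and 78 octets on the wire.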