[ldns-users] Broken code in ldns_pkt_query_new_frm_str
matthijs at nlnetlabs.nl
Mon May 13 14:28:27 UTC 2013
That code was added to make drill perform a more useful IXFR query. When
doing 'drill -t IXFR ...', it did not add a SOA RR in the authority
section, and made bind9 return a FORMERR. Adding a default SOA RR will
at least make bind9 to figure out that the serial does not match and
will return an AXFR.
So it is a drill bugfix. I agree that it is unfortunate that this
changes the behavior for ldns_pkt_query_new_frm_str. It might be better
to restore the function and fix the bug different. This would require a
new function call that is an adaptation of ldns_resolver_query, adding a
parameter to define an authority RR.
On 05/10/2013 09:31 PM, Michael Sheldon wrote:
> Sometime fairly recently, code was added to the
> ldns_pkt_query_new_frm_str function to add an SOA record to the
> authority section if the query type is IXFR.
> Problem is, it's completely broken. This doesn't actually work unless
> the SOA serial value is correct for the relevant query. It also broke my
> systems, since I was adding a proper SOA to the authority myself, thus
> resulting in two SOA in the authority, and a resulting FORMERR from
> remote systems.
> Michael Sheldon
> Dev-DNS Services
> ldns-users mailing list
> ldns-users at open.nlnetlabs.nl
More information about the ldns-users