[ldns-users] Broken code in ldns_pkt_query_new_frm_str

Matthijs Mekking matthijs at nlnetlabs.nl
Mon May 13 14:28:27 UTC 2013

Hi Michael,

That code was added to make drill perform a more useful IXFR query. When 
doing 'drill -t IXFR ...', it did not add a SOA RR in the authority 
section, and made bind9 return a FORMERR. Adding a default SOA RR will 
at least make bind9 to figure out that the serial does not match and 
will return an AXFR.

So it is a drill bugfix. I agree that it is unfortunate that this 
changes the behavior for ldns_pkt_query_new_frm_str. It might be better 
to restore the function and fix the bug different. This would require a 
new function call that is an adaptation of ldns_resolver_query, adding a 
parameter to define an authority RR.

Best regards,

On 05/10/2013 09:31 PM, Michael Sheldon wrote:
> Sometime fairly recently, code was added to the
> ldns_pkt_query_new_frm_str function to add an SOA record to the
> authority section if the query type is IXFR.
> Problem is, it's completely broken. This doesn't actually work unless
> the SOA serial value is correct for the relevant query. It also broke my
> systems, since I was adding a proper SOA to the authority myself, thus
> resulting in two SOA in the authority, and a resulting FORMERR from
> remote systems.
> Michael Sheldon
> Dev-DNS Services
> GoDaddy.com
> _______________________________________________
> ldns-users mailing list
> ldns-users at open.nlnetlabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/ldns-users

More information about the ldns-users mailing list