From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: [musl] Incompatible behaviour of res_query(3) w.r.t. NXDOMAIN
Date: Mon, 24 Aug 2020 17:36:18 -0400 [thread overview]
Message-ID: <20200824213618.GM3265@brightrain.aerifal.cx> (raw)
In-Reply-To: <5CEB8952-4884-4FA2-ACD9-1BA118D2CB50@rb67.eu>
On Mon, Aug 24, 2020 at 10:39:30PM +0200, Daniel Neri wrote:
> On 24 Aug 2020, at 18:43, Rich Felker <dalias@libc.org> wrote:
> >
> > Hmm, I think in this case the "better" might be sufficient that we
> > want to keep it and pressure other implementations to change too. A
> > program performing a lookup where the result is NxDomain may very well
> > want to know whether that's an authenticated (by DNSSEC) NxDomain or
> > one in an insecure zone. Returning an error to the caller with no
> > packet contents discards this critical data.
>
> In that case, it’d be better to add a new resolver API, or implement
> an already existing one that supports this usecase. The other
> implementations I mentioned also support option flags (in global
> state) that can change the behaviour.
>
> res_query(3) is almost as old as DNS itself — it doesn’t seem likely
> that everyone else, both libraries and applications, are going to
> make incompatible changes at this point.
If it were really incompatible behavior I would agree, but the
behaviors aren't incompatible. Either is compatible with the same
underspecified documentation, and a reasonable caller will easily deal
with both -- the nxdomain reply looks very similar to nodata, which it
also needs to be able to handle, except for the different error code
(3 vs 0). A caller can't assume just because res_query succeeded that
ancount>0.
Rich
next prev parent reply other threads:[~2020-08-24 21:36 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-23 21:31 Daniel Neri
2020-08-24 16:16 ` Rich Felker
2020-08-24 16:43 ` Rich Felker
2020-08-24 20:39 ` Daniel Neri
2020-08-24 21:36 ` Rich Felker [this message]
2020-08-24 21:04 ` Florian Weimer
2020-08-24 21:32 ` Rich Felker
2020-08-24 21:51 ` Daniel Neri
2020-08-24 22:09 ` Rich Felker
2020-08-25 3:26 ` Rich Felker
2020-08-25 13:56 ` Daniel Neri
2020-08-24 22:04 ` Florian Weimer
2020-08-24 22:13 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200824213618.GM3265@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).