From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 454 invoked from network); 24 Aug 2020 20:39:50 -0000 Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with ESMTPUTF8; 24 Aug 2020 20:39:50 -0000 Received: (qmail 24369 invoked by uid 550); 24 Aug 2020 20:39:43 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 24350 invoked from network); 24 Aug 2020 20:39:42 -0000 From: Daniel Neri Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.15\)) Date: Mon, 24 Aug 2020 22:39:30 +0200 References: <5232EC15-7E60-4D1F-BF3B-C31BFF998C06@rb67.eu> <20200824161646.GH3265@brightrain.aerifal.cx> <20200824164326.GI3265@brightrain.aerifal.cx> To: musl@lists.openwall.com In-Reply-To: <20200824164326.GI3265@brightrain.aerifal.cx> Message-Id: <5CEB8952-4884-4FA2-ACD9-1BA118D2CB50@rb67.eu> X-Mailer: Apple Mail (2.3445.104.15) Subject: Re: [musl] Incompatible behaviour of res_query(3) w.r.t. NXDOMAIN On 24 Aug 2020, at 18:43, Rich Felker wrote: >=20 > Hmm, I think in this case the "better" might be sufficient that we > want to keep it and pressure other implementations to change too. A > program performing a lookup where the result is NxDomain may very well > want to know whether that's an authenticated (by DNSSEC) NxDomain or > one in an insecure zone. Returning an error to the caller with no > packet contents discards this critical data. In that case, it=E2=80=99d be better to add a new resolver API, or = implement an already existing one that supports this usecase. The other = implementations I mentioned also support option flags (in global state) = that can change the behaviour. res_query(3) is almost as old as DNS itself =E2=80=94 it doesn=E2=80=99t = seem likely that everyone else, both libraries and applications, are = going to make incompatible changes at this point. Regards, Daniel