From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 24442 invoked from network); 23 Jul 2021 20:35:13 -0000
Received: from mother.openwall.net (195.42.179.200)
  by inbox.vuxu.org with ESMTPUTF8; 23 Jul 2021 20:35:13 -0000
Received: (qmail 13907 invoked by uid 550); 23 Jul 2021 20:35:11 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 13886 invoked from network); 23 Jul 2021 20:35:10 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=X6ivnTQkMCQyQWY/LPliffN73N8PtcMqvJTZkEqISwc=;
        b=K9OW6TWIT+oaCJlDPeQyySSGKzV7Rsv0Rj3LhNTsczwdDXpkvrtqBs2V9ipn7vvopU
         oFFFbUObYSk0DA4dnKWVchjSs367WKhzP3hF78KBea2gZ4bURF9TuGqYTbjq1LuZ+I4q
         DABH5jf9AWJUjRmqCONkMxwGuybF7fVrzVURsTW/IvORjWkxBnSe3qwFH06vEmkLsDdy
         gvTbX47iEg/somyvuJsA9LXAnC1Sqj11k4DBfUIJzhDJEFd5PvZ13XnXLv6BHfKpJnYC
         TXKQpC9J110k7xKqYF96bfrH/ELIEni1GpzNPyJDLsIMbrxdWkaWBVjwQ29hrnbmjGLl
         sLrw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=X6ivnTQkMCQyQWY/LPliffN73N8PtcMqvJTZkEqISwc=;
        b=jK0Rmb8cLBMWxlbDUxAPdfVnhTyRVI/kGT8I7ysZrVdfAJowyXqs7sjuN+Ao4csbe8
         xPwhewzJ27OHfuQ4YuwvfiLdOIbEfECweXSPfml/NYsFi0PUhfBlygMAz34XAI98x6jr
         l6plF8g/c/cU2ttK9skBe6Q6MP5zJCuPaKDSaxSbCFa4JEEdoVTF0JpVgy7qtgnEtai6
         IjQniX2L6ZBdkz9T4TE5Bw5YQ1/RvO/n+T1YVLl+1Ak9gEvQG2YmGrp/ZD3baYiFsy7z
         hQerQAxiNYRx+GSGybzbLUAdDNNGNk68Koq6fZzn6wkO1vgVWCEkESXMGv4o9gm0WsBt
         LIeQ==
X-Gm-Message-State: AOAM530Tgt8YlNtK9Ck2efEP3PvHBSyDh1tdnnVFq7KBL9WzAR1JxFAz
	S3GyjasTVst65wkURbG/SvDyyBNqRvMnPhXcqiW83SrZgw==
X-Google-Smtp-Source: ABdhPJyZe5zdlzy/7jnJDJvPm2AcsvnG88zZYRaOQy56/rzBKA1EZbE4XODrAT2acyB4Gpo7QeOujfEVDVdGAV5LDeM=
X-Received: by 2002:a17:90a:de16:: with SMTP id m22mr6252498pjv.54.1627072498475;
 Fri, 23 Jul 2021 13:34:58 -0700 (PDT)
MIME-Version: 1.0
References: <CAMhVC3bmXRW0WBnJNgVN66vHfLr-oz0PkWTOa9tiqTtJkMXbtQ@mail.gmail.com>
 <5463e48e-c6b7-f6e3-e405-6cf654b35c57@gmail.com> <20210719211225.GK13220@brightrain.aerifal.cx>
 <CAMhVC3YtPgVhU46L1VnT9zOyxQTkuFQAA5CV=f9s=uryKROyhQ@mail.gmail.com>
In-Reply-To: <CAMhVC3YtPgVhU46L1VnT9zOyxQTkuFQAA5CV=f9s=uryKROyhQ@mail.gmail.com>
From: Yuri Kanivetsky <yuri.kanivetsky@gmail.com>
Date: Fri, 23 Jul 2021 23:33:17 +0300
Message-ID: <CAMhVC3YQMHNyuQJv1HMeV71mZKeF+NgMr_udvSpEwuA9Hajjfg@mail.gmail.com>
To: musl@lists.openwall.com
Cc: "Olivier A." <olivier.antoine@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Subject: Re: [musl] getaddrinfo() fails for domains with no AAAA records (regression?)

I mean, I can see they address ENTs, but I don't see anything
concerning the cases where there's an A RR, but no AAAA RR.
Especially, if wildcard records are considered.

On Fri, Jul 23, 2021 at 11:25 PM Yuri Kanivetsky
<yuri.kanivetsky@gmail.com> wrote:
>
> Can you possibly provide some quotes from the RFCs? The closest I could find is:
>
> >      QNAME=host3.example. QTYPE=A, QCLASS=IN
> >           the answer will reflect "no error, but no data"
> >           because there is no A RR set at '*.example.'
>
> https://datatracker.ietf.org/doc/html/rfc4592
>
> And it's from an example.
>
> Also, all other software I could get my hands on (basically, glibc, I
> guess) ignores NXDOMAIN for AAAA RRs.
>
> On Tue, Jul 20, 2021 at 12:12 AM Rich Felker <dalias@libc.org> wrote:
> >
> > On Mon, Jul 19, 2021 at 11:07:21PM +0200, Olivier A. wrote:
> > > On 19/07/2021 14:58, Yuri Kanivetsky wrote:
> > > >  [..]
> > >
> > > Hi,
> > >
> > > I notice that too. If both A and AAAA are sent and there is a
> > > response for A and NXDomain for AAAA
> > >
> > > musl-libc discard both results. It's the expected behaviour
> > > according to this commit:
> > >
> > > https://git.musl-libc.org/cgit/musl/commit/src/network/lookup_name.c?id=5cf1ac2443ad0dba263559a3fe043d929e0e5c4c
> > >
> > > And it conform to https://datatracker.ietf.org/doc/html/rfc8020
> > >
> > > It's was not the case before Alpine-Linux 3.13
> > >
> > > But I also notice that if the DNS reply ServFailed instead of
> > > NXDomain for AAAA request, musl-libc retry 10 times, return 'bad
> > > address' and do not fallback to return a A record.
> > >
> > > According to
> > > https://datatracker.ietf.org/doc/html/rfc4074#section-4.3 it's not
> > > expected.
> >
> > This behavior is necessary/mandatory to provide secure behavior under
> > DNSSEC. Otherwise a forged response (causing ServFail) would result in
> > a false answer returned to the application, indicating that only one
> > or the other exists, rather than the correct inconclusive answer.
> >
> > This is https://sourceware.org/bugzilla/show_bug.cgi?id=27929