Closed nuclight closed 3 years ago
I'm afraid you are mistaken, ldns is not used for the host command (/usr/bin/host nor the ports/packages version).
It is:
strings -n 4 /usr/bin/host | grep ldns | wc -l
109
https://github.com/freebsd/freebsd-src/blob/main/usr.bin/host/Makefile
The /usr/bin/host
is not part of ldns but FreeBSD. It is apparently using a private version of the library.
ldd /usr/bin/host
/usr/bin/host:
libprivateldns.so.5 => /usr/lib/libprivateldns.so.5 (0x80024a000)
libc.so.7 => /lib/libc.so.7 (0x8002ad000)
libssl.so.111 => /usr/lib/libssl.so.111 (0x8006bf000)
libcrypto.so.111 => /lib/libcrypto.so.111 (0x800757000)
libthr.so.3 => /lib/libthr.so.3 (0x800a4b000)
Hmm, seems it is really separate project, my mistake... but btw "private" is just FreeBSD's convention for imported into base versions to not clash with installed from ports/packages if someone wants more fresh version.
Thanks, yes, a 246 byte length limit for a dname does not feel like it has anything to do with ldns. Closing ticket.
Hi, all. This might be a bug in LDNS after all.
Here's a test program:
#include <ldns/ldns.h>
#include <stdio.h>
int
main(int argc, char *argv[])
{
ldns_rdf *dname;
ldns_status status;
if ((status = ldns_str2rdf_dname(&dname, argv[1])) != LDNS_STATUS_OK) {
printf("ldns_str2rdf_dname failed: %s\n", ldns_get_errorstr_by_id(status));
} else{
printf("ldns_str2rdf_dname succeeded\n");
printf("ldns_rdf2str returns <%s>\n", ldns_rdf2str(dname));
}
return 0;
}
Here's what I get from it with the input from the original message:
$ ./test a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f1234567.com
ldns_str2rdf_dname succeeded
ldns_rdf2str returns <(null)>
It is because ldns_str2rdf_dname
succeeds instead of returning something like LDNS_STATUS_DOMAINNAME_OVERFLOW
, ldns-host
thinks everything's OK, and does what it does.
So should this issue be reopened?
No, sorry for not responding earlier, but this has already been resolved on the develop branch:
$ ./test a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f1234567.com
ldns_str2rdf_dname failed: Domainname length overflow
Oh, I see. Thanks. Then I guess a new release is due at some point soon? Once that happens, @nuclight, would you push for FreeBSD to update the bundled ldns version too?
In a discussion about
nsd
which led to separate issue to check maximum domain length, a bug inhost
was found:$ host a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f1234567.com
;; connection timed out; no servers could be reached
... is parsed by
host
, though it is 1 char longer then allowed. BTW,drill
reports error correctly. Then,$ host a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456789g12.a123456789b123456789c123456789d123456789e123456789f123456.com
host: '(null)' is not a legal name (Domainname length overflow)
while it is already in allowed length by standard. Moreover, trying to cut characters one by one of rightmost label before
.com
still produces overflow error! Until about 246 characters long.This is
host
from FreeBSD 11.4, that is,ldns/util.h:#define LDNS_VERSION "1.6.17"