search

PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0
3.67k stars 906 forks source link

$ORIGIN directive should accept relative names #3629

Open nlyan opened 8 years ago

nlyan commented 8 years ago

From the "why-won't-this-guy-go-away-and-stop-reporting-silly-bugs department". BIND accepts $ORIGIN directives that depend on the current origin. For example:

$TTL 3600
powerdns.com.  IN  SOA   ns1.powerdns.com. zonemaster.powerdns.com. ( 
                                            2016032601 1d 2h 4w 1h  )
@ IN NS ns1.powerdns.com.
$ORIGIN powerdns.com
ns1 IN A 127.0.0.1
$ named-compilezone -o - powerdns.com pdns.zone 
zone powerdns.com/IN: NS 'ns1.powerdns.com' has no address records (A or AAAA)
zone powerdns.com/IN: not loaded due to errors.

BIND fails to load the 'ns1' record because it expands to 'ns1.powerdns.com.powerdns.com.' PowerDNS, on the other hand, assumes all $ORIGIN arguments are absolute, and only expands it to 'ns1.powerdns.com.', which completes the zone.

$ zone2json --zone-name=powerdns.com --zone=pdns.zone | jq

{
  "name": "powerdns.com",
  "records": [
    {
      "name": "powerdns.com.",
      "type": "SOA",
      "ttl": 3600,
      "prio": 0,
      "content": "ns1.powerdns.com. zonemaster.powerdns.com. 2016032601 86400 7200 2419200 3600"
    },
    {
      "name": "powerdns.com.",
      "type": "NS",
      "ttl": 3600,
      "prio": 0,
      "content": "ns1.powerdns.com"
    },
    {
      "name": "ns1.powerdns.com.",
      "type": "A",
      "ttl": 3600,
      "prio": 0,
      "content": "127.0.0.1"
    }
  ]
}

RFC 1035 also seems to suggest accepting relative names here is intended.

hlindqvist commented 8 years ago

Indeed, RFC1035 does indicate that $ORIGIN accepts relative names.

    $ORIGIN <domain-name> [<comment>]

...

<domain-name>s make up a large share of the data in the master file.
The labels in the domain name are expressed as character strings and
separated by dots.  Quoting conventions allow arbitrary characters to be
stored in domain names.  Domain names that end in a dot are called
absolute, and are taken as complete.  Domain names which do not end in a
dot are called relative; the actual domain name is the concatenation of
the relative part with an origin specified in a $ORIGIN, $INCLUDE, or as
an argument to the master file loading routine.  A relative name is an
error when no origin is available.