pdnsutil: inconsistent error checking

[ralight]

This is with pdns-server 4.0.0 from repo.powerdns.com on Ubuntu xenial.

Running pdnsutil edit-zone example.org I get:

Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of 'TXT record content'

Then running pdnsutil check-zone example.org I get... nothing. I wasn't sure what to expect, but something at least.

[cmouse]

was this some content you were adding?

[ralight]

No, it was existing content having migrated over from 3.x.

I'm using the sqlite backend if that matters.

[cmouse]

Try running pdnsutil check-all-zones

[ralight]

Checked 54 records of 'example.org', 0 errors, 0 warnings.

[ralight]

(which is the same result as with pdnsutil check-zone example.org)

[cmouse]

can you extract the offending record?

[ralight]

Yes, it's just a TXT record without quote marks.

To reproduce, assuming sqlite3 backend

pdnsutil create-zone example.org
echo "select * from domains where name='example.org';" | sqlite3 pdns.sqlite3 # get the domain id
echo "insert into records values(9999,<domain id>,'example.org','TXT','hello world',3600,NULL,NULL,0,'',1);" | sqlite3 pdns.sqlite3
pdnsutil edit-zone example.org

The key point is that the message about the quote marks only appears if there is a space in the content field.

[thechile]

I have same problem. create-zone says a-ok but edit-zone fails with Data field in DNS should start with quote (") at position 0 error because the TXT record isn't a quoted string.

Below is what's happening... record sqlite entry 16 is example of TXT entry generating error.

select * from records;
...
15|1|sdfsf.example.com|TXT|fgdfgdgdfg|86400|0|1469695253|0||1
16|1|test.example.com|TXT|!@##@$%$^&&*()|86400|0|1469751384|0||1

$ pdnsutil check-all-zones
Jul 29 00:17:07 Reading random entropy from '/dev/urandom'
Jul 29 00:17:07 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Jul 29 00:17:07 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Checked 9 records of 'example.com', 0 errors, 0 warnings.
Checked 1 zones, 0 had errors.

pdnsutil edit-zone example.com
Jul 29 00:17:37 Reading random entropy from '/dev/urandom'
Jul 29 00:17:37 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Jul 29 00:17:37 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of '!@##@$%$^&&*()'

If i remove the record causing the error, 16, then edit-zone will work BUT on loading it shows the other TXT entry in VIM as quoted i.e in the DB it's fgdfgdgdfg but edit-zone displays it as "fgdfgdgdfg".

If i reenter the same string as before but quoted i.e. "!@##@$%$^&&*()" then edit-zone will load OK.

From what i know TXT records as per RFC should be quoted so edit-zone is correct, but it's confusing that it works with one unquoted string but not the other.. yet it seems to auto quote one of the TXT records ?? So edit-zone is half working but check-zone is broken and isn't able to correctly validate records for RFC compliance ?

[akaKuruma]

PR #4406 related.

[K0HAX]

I would like to add that on pdnsutil 4.0.1 if I try adding a TXT record with an = in it I get the same error, even if I do enclose it with quotes.
pdnsutil add-record <zone> <host> TXT "foo=bar"

[Habbie]

@K0HAX can you try '"foo=bar"'? Your shell is eating the " the way you use it.

[K0HAX]

That does work.
Thanks!

[sndrsmnk]

I'm also seeing this edit-zone 'inconsistent error checking' in 4.0.3-1pdns.xenial.

Exact scenario as in OP's report: data from old 3.x setup has no "'s surrounding TXT-RR content, edit-zone fails, check-zone/check-all-zones doesn't mind, result in DNS as expected.

[XANi]

is there a reason quote is required ? I'm trying to migrate old setup to 4.0.3 (current Debian stable) and TXT records without "" are resolved fine, are not reported as bad by pdnsutil but are reported bad on reading by API (breaking any web ui that uses the API).

err-ing out on read is pointless because there is no way to fix it if you already have it in database, sans going to DB and manually fixing those. All it does is breaking any API-using app.

Also it seems like web frontends relying on database do not add "" while saving which makes it worse.

If quote is required for TXT records shouldn't it just be added automatically if record doesn't have "" instead of throwing 500's around ?

[wdoekes]

Same here, using a rather old web frontend that added TXT records without quotes.

I could fix the web-frontend and all the records, but it appears that any lack of quotes are fixed by the pdns server anyway. So I'm unsure whether to store them in (mysql) DB with or without quotes.

If check-zone started complaining about lack of quotes, I'd know which way to correct the records.

(Also running debian with pdns 4.0.3 here by the way.)

[benv666]

Just ran into the same:

$ pdnsutil check-zone example.nl
Checked 17 records of 'example.nl', 0 errors, 0 warnings.
$ pdnsutil edit-zone example.nl
Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of 'k=rsa; p=longstring'

In my postgresql backend:

    id     | domain_id |             name              | type |       content       |  ttl  | prio | change_date | disabled | ordername | auth
 125812189 |       180 | default._domainkey.example.nl | TXT  | k=rsa; p=longstring |  3600 |    0 |  1545744005 | f        |           | t

Would be nice if edit could be forced, this way I need external tools to "fix" the records, which work fine except for the edit command:

$ dig txt default._domainkey.example.nl +short
"k=rsa; p=longstring"

$ pdnsutil --version
pdnsutil 4.1.5