jimdigriz
commented
1 year ago My workaround for now is to have a wrapping function:
-module(inet_dns_utils).
-export([decode/1, decode/2]).
-export([encode/1, encode/2]).
-include_lib("kernel/src/inet_dns.hrl").
decode(Packet, MDNS) ->
{ok, DnsRec} = inet_dns:decode(Packet),
MDNS andalso {ok, DnsRec} orelse decode_mdns_fixup(DnsRec).
decode(Packet) ->
decode(Packet, false).
%%% included for symmetry
encode(Packet, _MDNS) ->
inet_dns:encode(Packet).
encode(Packet) ->
encode(Packet, false).
%%% internal functions
%%% https://github.com/erlang/otp/issues/7718
%%% unfortunately inet_dns:{dns_query,rr} obliterate #dns_query.unicast_response
%%% and #dns_rr.func so we have to interact with the undocumented record directly
decode_mdns_fixup(DnsRec = #dns_rec{ qdlist = QDList0, anlist = ANList0, nslist = NSList0, arlist = ARList0}) ->
QDList = [ decode_mdns_fixup2(RR) || RR <- QDList0 ],
ANList = [ decode_mdns_fixup2(RR) || RR <- ANList0 ],
NSList = [ decode_mdns_fixup2(RR) || RR <- NSList0 ],
ARList = [ decode_mdns_fixup2(RR) || RR <- ARList0 ],
{ok, DnsRec#dns_rec{ qdlist = QDList, anlist = ANList, nslist = NSList, arlist = ARList }}.
-define(UNICAST_RESPONSE, 16#8000).
decode_mdns_fixup2(RR = #dns_query{ class = C, unicast_response = true }) ->
RR#dns_query{ class = C bor ?UNICAST_RESPONSE, unicast_response = false };
decode_mdns_fixup2(RR = #dns_rr{ class = C, func = true }) ->
RR#dns_rr{ class = C bor ?UNICAST_RESPONSE, func = false };
decode_mdns_fixup2(RR) ->
RR.
RaimoNiskanen
Describe the bug
The class field in in a DNS header is incorrectly decoded, the details of the values for this field maintained by IANA.
For unicast requests, it has the range 0->65535 whilst for multicast the value of class may only be in the range 0->32767; this change in behaviour is described in RFC6762 section 22.
If you try to use a private range class, the decoded record has its class returned with the top bit masked out.
To Reproduce
Send a request using:
Erlang wise, this effectively becomes:
Expected behavior
Class is returned as the value 65280; supporting classes above 32767 for unicast queries and responses.
Affected versions
Using OTP27 (master branch) as of 0164d3db05
Additional context
The fix for me here is unclear.
My understanding is there is nothing in a DNS packet that states "I am multicast", and the receiver should determine this by inspecting that the destination IP/port is
224.0.0.251:5353(RFC6762, section 5+6) which means the logic inlib/kernel/src/inet_dns.erl:{encode,decode}_class()should really be lurking in the application as it is the only place that is aware of this.So the problem is that OTP assumes this high bit is always 'unicast-response' when really it is only for mDNS traffic.
@RaimoNiskanen though added this in de80584b05c565952bf0cc7513203d40e89f2b11 for some reason and in this form, I am assuming it was reasons of "it pays our salary's"?
If this must be done in
inet_dns.erl, one alternative is to set the default value of the flag toundefinedand only give it a boolean value through inferring that queries were forlocal.(and if you really want to get fuzzy the link-local reverse zones).Personally, I think de80584b05c565952bf0cc7513203d40e89f2b11 should be reverted and that logic pushed into the application, but that horse may have long since bolted and is no longer a feasible option.
Another option is @RaimoNiskanen points out like RFC6762 section 22 says, "only only 3+2 classes are registered, just use some other random number lower than 32768" or alternatively use
#dns_query.unicast_responseand#dns_rr.funcin my application to reverse the breakage using a reversed logic of "not mDNS so repair...".