New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pdnsutil: inconsistent error checking #4185

Open
ralight opened this Issue Jul 14, 2016 · 16 comments

Comments

Projects
None yet
@ralight
Copy link

ralight commented Jul 14, 2016

This is with pdns-server 4.0.0 from repo.powerdns.com on Ubuntu xenial.

Running pdnsutil edit-zone example.org I get:

Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of 'TXT record content'

Then running pdnsutil check-zone example.org I get... nothing. I wasn't sure what to expect, but something at least.

@cmouse

This comment has been minimized.

Copy link
Contributor

cmouse commented Jul 14, 2016

was this some content you were adding?

@ralight

This comment has been minimized.

Copy link

ralight commented Jul 14, 2016

No, it was existing content having migrated over from 3.x.

I'm using the sqlite backend if that matters.

@cmouse

This comment has been minimized.

Copy link
Contributor

cmouse commented Jul 14, 2016

Try running pdnsutil check-all-zones

@ralight

This comment has been minimized.

Copy link

ralight commented Jul 14, 2016

Checked 54 records of 'example.org', 0 errors, 0 warnings.

@ralight

This comment has been minimized.

Copy link

ralight commented Jul 14, 2016

(which is the same result as with pdnsutil check-zone example.org)

@cmouse

This comment has been minimized.

Copy link
Contributor

cmouse commented Jul 14, 2016

can you extract the offending record?

@ralight

This comment has been minimized.

Copy link

ralight commented Jul 14, 2016

Yes, it's just a TXT record without quote marks.

To reproduce, assuming sqlite3 backend

pdnsutil create-zone example.org
echo "select * from domains where name='example.org';" | sqlite3 pdns.sqlite3 # get the domain id
echo "insert into records values(9999,<domain id>,'example.org','TXT','hello world',3600,NULL,NULL,0,'',1);" | sqlite3 pdns.sqlite3
pdnsutil edit-zone example.org

The key point is that the message about the quote marks only appears if there is a space in the content field.

@thechile

This comment has been minimized.

Copy link

thechile commented Jul 29, 2016

I have same problem. create-zone says a-ok but edit-zone fails with Data field in DNS should start with quote (") at position 0 error because the TXT record isn't a quoted string.

Below is what's happening... record sqlite entry 16 is example of TXT entry generating error.

select * from records;
...
15|1|sdfsf.example.com|TXT|fgdfgdgdfg|86400|0|1469695253|0||1
16|1|test.example.com|TXT|!@##@$%$^&&*()|86400|0|1469751384|0||1
$ pdnsutil check-all-zones
Jul 29 00:17:07 Reading random entropy from '/dev/urandom'
Jul 29 00:17:07 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Jul 29 00:17:07 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Checked 9 records of 'example.com', 0 errors, 0 warnings.
Checked 1 zones, 0 had errors.
pdnsutil edit-zone example.com
Jul 29 00:17:37 Reading random entropy from '/dev/urandom'
Jul 29 00:17:37 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Jul 29 00:17:37 gsqlite3: connection to '/etc/pdns/pdns.sqlite3.sql' successful
Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of '!@##@$%$^&&*()'

If i remove the record causing the error, 16, then edit-zone will work BUT on loading it shows the other TXT entry in VIM as quoted i.e in the DB it's fgdfgdgdfg but edit-zone displays it as "fgdfgdgdfg".

If i reenter the same string as before but quoted i.e. "!@##@$%$^&&*()" then edit-zone will load OK.

From what i know TXT records as per RFC should be quoted so edit-zone is correct, but it's confusing that it works with one unquoted string but not the other.. yet it seems to auto quote one of the TXT records ?? So edit-zone is half working but check-zone is broken and isn't able to correctly validate records for RFC compliance ?

@rgacogne rgacogne added the auth label Aug 26, 2016

@akaKuruma

This comment has been minimized.

Copy link

akaKuruma commented Sep 2, 2016

PR #4406 related.

@K0HAX

This comment has been minimized.

Copy link

K0HAX commented Sep 22, 2016

I would like to add that on pdnsutil 4.0.1 if I try adding a TXT record with an = in it I get the same error, even if I do enclose it with quotes.
pdnsutil add-record <zone> <host> TXT "foo=bar"

@Habbie

This comment has been minimized.

Copy link
Member

Habbie commented Sep 22, 2016

@K0HAX can you try '"foo=bar"'? Your shell is eating the " the way you use it.

@K0HAX

This comment has been minimized.

Copy link

K0HAX commented Sep 22, 2016

That does work.
Thanks!

@sndrsmnk

This comment has been minimized.

Copy link

sndrsmnk commented Feb 10, 2017

I'm also seeing this edit-zone 'inconsistent error checking' in 4.0.3-1pdns.xenial.

Exact scenario as in OP's report: data from old 3.x setup has no "'s surrounding TXT-RR content, edit-zone fails, check-zone/check-all-zones doesn't mind, result in DNS as expected.

@XANi

This comment has been minimized.

Copy link

XANi commented Jul 5, 2017

is there a reason quote is required ? I'm trying to migrate old setup to 4.0.3 (current Debian stable) and TXT records without "" are resolved fine, are not reported as bad by pdnsutil but are reported bad on reading by API (breaking any web ui that uses the API).

err-ing out on read is pointless because there is no way to fix it if you already have it in database, sans going to DB and manually fixing those. All it does is breaking any API-using app.

Also it seems like web frontends relying on database do not add "" while saving which makes it worse.

If quote is required for TXT records shouldn't it just be added automatically if record doesn't have "" instead of throwing 500's around ?

@wdoekes

This comment has been minimized.

Copy link
Contributor

wdoekes commented Aug 23, 2017

Same here, using a rather old web frontend that added TXT records without quotes.

I could fix the web-frontend and all the records, but it appears that any lack of quotes are fixed by the pdns server anyway. So I'm unsure whether to store them in (mysql) DB with or without quotes.

If check-zone started complaining about lack of quotes, I'd know which way to correct the records.

(Also running debian with pdns 4.0.3 here by the way.)

@benv666

This comment has been minimized.

Copy link

benv666 commented Dec 25, 2018

Just ran into the same:

$ pdnsutil check-zone example.nl
Checked 17 records of 'example.nl', 0 errors, 0 warnings.
$ pdnsutil edit-zone example.nl
Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of 'k=rsa; p=longstring'

In my postgresql backend:

    id     | domain_id |             name              | type |       content       |  ttl  | prio | change_date | disabled | ordername | auth
 125812189 |       180 | default._domainkey.example.nl | TXT  | k=rsa; p=longstring |  3600 |    0 |  1545744005 | f        |           | t

Would be nice if edit could be forced, this way I need external tools to "fix" the records, which work fine except for the edit command:

$ dig txt default._domainkey.example.nl +short
"k=rsa; p=longstring"
$ pdnsutil --version
pdnsutil 4.1.5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment