Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

shared: recognize DNS names with more than one trailing dot as invalid #4111

Merged
merged 1 commit into from Sep 9, 2016
Merged

shared: recognize DNS names with more than one trailing dot as invalid #4111

merged 1 commit into from Sep 9, 2016

Conversation

martinpitt
Copy link
Contributor

One trailing dot is valid, but more than one isn't. This also fixes glibc's posix/tst-getaddrinfo5 test.

This commit includes unit tests, but I also verified that with the fixed resolved this now works:

$ systemd-resolve www.gnu.org...
www.gnu.org...: resolve call failed: Invalid hostname 'www.gnu.org...'
$ systemd-resolve www.gnu.org..
www.gnu.org..: resolve call failed: Invalid hostname 'www.gnu.org..'
$ systemd-resolve www.gnu.org.
www.gnu.org.: 208.118.235.148
              2001:4830:134:3::a
              (wildebeest.gnu.org)

Fixes #3978

@martinpitt
shared: recognize DNS names with more than one trailing dot as invalid
376409a 
One trailing dot is valid, but more than one isn't. This also fixes glibc's
posix/tst-getaddrinfo5 test.

Fixes systemd#3978
@martinpitt martinpitt added resolve bug 🐛 Programming errors, that need preferential fixing labels Sep 8, 2016
@martinpitt martinpitt self-assigned this Sep 8, 2016
@keszybz keszybz merged commit f35c467 into systemd:master Sep 9, 2016
@martinpitt martinpitt deleted the dns-name-dotdot branch September 13, 2016 07:08
edolstra pushed a commit to NixOS/systemd that referenced this pull request Sep 30, 2016
@martinpitt @edolstra
shared: recognize DNS names with more than one trailing dot as invalid (
fde1b72 
systemd#4111)

One trailing dot is valid, but more than one isn't. This also fixes glibc's
posix/tst-getaddrinfo5 test.

Fixes systemd#3978.
(cherry picked from commit f35c467)
@poettering
Copy link
Member

Hmpf. This fix looks wrong. dns_label_unescape() is supposed to look at a single label only, but now you make it look one more label ahead...

@poettering
Copy link
Member

hmm, i figure the patch is actually Ok after all, even though not particularly pretty. But I figure it's the best we can do, given that dns_label_unescape() is supposed to treat "" and "." the same way, and thus not looking forward will indeed allow a name ending in two trailing dots pass...

Sorry for the noise

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@martinpitt martinpitt

Labels
bug 🐛 Programming errors, that need preferential fixing resolve
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

libnss-resolve treats two trailing dots on a domain name incorrectly
3 participants
@martinpitt @poettering @keszybz