diff options
Diffstat (limited to 'net-libs/adns/files/adns-1.4-cnamechain.patch')
-rw-r--r-- | net-libs/adns/files/adns-1.4-cnamechain.patch | 132 |
1 files changed, 0 insertions, 132 deletions
diff --git a/net-libs/adns/files/adns-1.4-cnamechain.patch b/net-libs/adns/files/adns-1.4-cnamechain.patch deleted file mode 100644 index 9edf69461c01..000000000000 --- a/net-libs/adns/files/adns-1.4-cnamechain.patch +++ /dev/null @@ -1,132 +0,0 @@ -[ADNS] Re: CNAME chains -Brad Spencer spencer at infointeractive.com -Mon, 28 Aug 2006 14:43:00 -0300 - -Previous message: CNAME chains -Next message: CNAME chains option -Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] ---pf9I7BMVVzbSWLtt -Content-Type: text/plain; charset=us-ascii -Content-Disposition: inline - -On Fri, Aug 25, 2006 at 11:36:04AM -0700, William Ahern wrote: -> On Fri, Aug 25, 2006 at 09:39:01AM +0100, peter burden wrote: -> > Hello, -> > Is there any way to make ADNS follow CNAME chains ? -> > -> > I have set the adns_qf_cname_loose query flag and it seems OK for a -> > single -> > CNAME - e.g. (output from 'dig') - -I posted a small patch back in 2003 that made changes to adns so that -it would follow CNAME chains. See - -http://www.chiark.greenend.org.uk/pipermail/adns-discuss/2003/001072.html - -The patch included in that post is against an old adns version, so I -have attached my latest version of the patch to this message. (I have -not tested that the attached patch applied cleanly to the current adns -source, but it may be slightly more in sync with the current version.) - -> CNAME chains are technically not allowed. Such chains are violations of the -> specifications. Also, I believe MX host lookups returning CNAMEs (i.e. MX -> yahoo.com -> A mail.yahoo.com -> CNAME foo) is also illegal. - -I have also been told that CNAME chains are illegal, but I can not -find any actual text that says that a resolver should fail when it -encounters them. In fact, RFC 1034 Section 3.6.2 says: - - Domain names in RRs which point at another name should always point at - the primary name and not the alias. This avoids extra indirections in - accessing information. For example, the address to name RR for the - above host should be: - - 52.0.0.10.IN-ADDR.ARPA IN PTR C.ISI.EDU - - rather than pointing at USC-ISIC.ARPA. - -The above implies that CNAME chains are illegal, IMO. But then, the -next sentence is: - - Of course, by the robustness principle, domain software should not - fail when presented with CNAME chains or loops; CNAME chains - should be followed and CNAME loops signalled as an error. - -This advice, coupled with the fact that CNAME chains exist in the -wild, triggered me to create the patch in the first place. My patch -doesn't detect loops, but instead simply won't follow chains longer -than a certain (hard-coded) size. - -Hope this helps! - --- ------------------------------------------------------------------- -Brad Spencer - spencer@infointeractive.com - "It's quite nice..." -Systems Architect | InfoInterActive Corp. | A Canadian AOL Company - ---pf9I7BMVVzbSWLtt -Content-Type: text/plain; charset=us-ascii -Content-Disposition: attachment; filename="cname_chains.diff" - -Index: adns-1.0/src/internal.h -=================================================================== -RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/internal.h,v -retrieving revision 1.3 -retrieving revision 1.4 -diff -u -p -r1.3 -r1.4 ---- adns-1.0/src/internal.h 2 Oct 2003 17:01:46 -0000 1.3 -+++ adns-1.0/src/internal.h 2 Oct 2003 17:14:29 -0000 1.4 -@@ -206,6 +206,9 @@ struct adns__query { - int cname_dglen, cname_begin; - /* If non-0, has been allocated using . */ - -+ int cname_alias_hops_left; -+ /* The number of cname alias hops we will allow */ -+ - vbuf search_vb; - int search_origlen, search_pos, search_doneabs; - /* Used by the searching algorithm. The query domain in textual form -Index: adns-1.0/src/query.c -=================================================================== -RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/query.c,v -retrieving revision 1.3 -retrieving revision 1.4 -diff -u -p -r1.3 -r1.4 ---- adns-1.0/src/query.c 2 Oct 2003 17:01:47 -0000 1.3 -+++ adns-1.0/src/query.c 2 Oct 2003 17:14:29 -0000 1.4 -@@ -63,6 +63,8 @@ static adns_query query_alloc(adns_state - - qu->cname_dgram= 0; - qu->cname_dglen= qu->cname_begin= 0; -+ /* Allow CNAME chains up to some sane limit */ -+ qu->cname_alias_hops_left = 10; - - adns__vbuf_init(&qu->search_vb); - qu->search_origlen= qu->search_pos= qu->search_doneabs= 0; -Index: adns-1.0/src/reply.c -=================================================================== -RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/reply.c,v -retrieving revision 1.3 -retrieving revision 1.4 -diff -u -p -r1.3 -r1.4 ---- adns-1.0/src/reply.c 2 Oct 2003 17:01:47 -0000 1.3 -+++ adns-1.0/src/reply.c 2 Oct 2003 17:14:30 -0000 1.4 -@@ -191,12 +191,13 @@ void adns__procdgram(adns_state ads, con - if (qu->flags & adns_qf_cname_forbid) { - adns__query_fail(qu,adns_s_prohibitedcname); - return; -- } else if (qu->cname_dgram) { /* Ignore second and subsequent CNAME(s) */ -+ } else if (qu->cname_dgram && --(qu->cname_alias_hops_left) <= 0) { /* Don't follow "too long" CNAME chains */ - adns__debug(ads,serv,qu,"allegedly canonical name %s" -- " is actually alias for %s", qu->answer->cname, -+ " is actually alias for %s and aliases too deep", -+ qu->answer->cname, - adns__diag_domain(ads,serv,qu, &qu->vb, - dgram,dglen,rdstart)); -- adns__query_fail(qu,adns_s_prohibitedcname); -+ adns__query_fail(qu,adns_s_norecurse); - return; - } else if (wantedrrs) { /* Ignore CNAME(s) after RR(s). */ - adns__debug(ads,serv,qu,"ignoring CNAME (to %s) coexisting with RR", - ---pf9I7BMVVzbSWLtt-- |