cvs commit: src/lib/libc/resolv res_comp.c

Guy Helmer ghelmer at palisadesys.com
Mon Feb 18 07:18:03 PST 2008 

Xin LI wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> M. Warner Losh wrote:
>   
>> In message: <20080216024541.GA31498 at nagual.pp.ru>
>>             Andrey Chernov <ache at nagual.pp.ru> writes:
>> : On Sat, Feb 16, 2008 at 12:16:49AM +0000, Xin LI wrote:
>> : > delphij     2008-02-16 00:16:49 UTC
>> : > 
>> : >   FreeBSD src repository
>> : > 
>> : >   Modified files:
>> : >     lib/libc/resolv      res_comp.c 
>> : >   Log:
>> : >   Allow underscore in domain names while resolving.  While having underscore
>> : >   is a violation of RFC 1034 [STD 13], it is accepted by certain name servers
>> : >   as well as other popular operating systems' resolver library.
>> : 
>> : Do you mean we'll have now different results from libc and from bind's 
>> : resolver for names with underscore? If yes, it sounds worse than RFC 
>> : violation committed.
>>
>> Plus there was a very long, very heated thread about removing _ as a
>> valid name years ago.  Have conditions changed since then?  Frankly,
>> I'd like to have seen a change like this discussed more widely.  There
>> was much debate before, and there turned out to be good reasons for
>> omitting the _.  I just can't recall them now.
>>     
>
> If we are pointing the same discussion thread, it finally reached a
> point which says that there is security concerns, claiming that
> gethostbyname() and friends should do aggressive sanity check for domain
> names.
>
> While this might be reasonable at that time of discussion, I would argue
> that with the world outside *BSD all accepts _ in host names at the
> resolver side, the alleged _ -> - transition never finished as people
> expected in the early age of Internet, and so that as applications
> ported to these platforms from time to time, they will have to face the
> fact that _ is considered as valid by their resolvers.  Moreover, if "_"
> is that harmful to any individual applications, I would say that they
> should check it at the input stage, which is considered as the attack
> surface, not to rely on base services like resolver to do the sanity check.
>
> I don't think it would be the end of world if we allow _ in host names.
> All other (lame) OSes allows it, their resolver just accepts this
> character and give the answer, actually, I would be very surprised if it
> can still cause any real world attack nowadays.
>   
Are we talking about hostnames specifically, or domain name components 
in general?

I've been recently looking at DomainKeys, and underscores appear to be 
typically used in the domain components for domain keys TXT records 
(example below from 
http://www.elandsys.com/resources/sendmail/domainkeys.html):

mail._domainkey.example.com. IN TXT "k=rsa; t=y;
          p=MEwwPQRJKoZIhvcNADAQCQADOwAwOAIxANPpYHdE2tevfEpvL1Tk2dDYv0pF28/f5MxU83x/0b
          sn4R4p7waPaz1IbOGs/6bm5QIDAQAB"

Guy

-- 
Guy Helmer, Ph.D.
Chief System Architect
Palisade Systems, Inc.

More information about the cvs-all mailing list