Allow underscores in DNS names

Wes Peters wes at softweyr.com
Sun Mar 30 19:10:02 PST 2003 

On Saturday 29 March 2003 18:05, Louis A. Mamakos wrote:
> > Dag-Erling Smørgrav wrote:
> > > The attached patch, inspired by a discussion on -STABLE, modifies
> > > our resolver library to allow underscores in host names, by
> > > classifying the underscore as a hyphen character.  Even though
> > > RFC952 forbids them, underscores are becoming increasingly common
> > > in DNS, and they are sometimes used for mechanisms (such as
> > > Microsoft's automatic proxy configuration scheme) which we might
> > > want to support in FreeBSD.
> >
> > There was a better patch that made it an option in resolv.conf,
> > rather than turning it on all the time.
>
> This is great, except that you'd don't need to have a resolv.conf
> on your system at all; the resolver will default to using a local
> caching nameserver.

In this case, you WILL need a resolv.conf if you want to use underscores, 
then, won't you?

> > FreeBSD should be standards compliant, by default, and take work
> > to make it possible to give bogus data to other hosts on the
> > Internet who can not handle "_" or other characters because they
> > *are* standars compliant.
>
> Since this is a resolver option, you're not handing out names to
> other hosts using the DNS infrastructure.
>
> > "Be conservative in what you send."
>
> And liberal in what you receive, which is exactly what modifing
> the resolver to not cause gethostbyname() and it's ilk to barf
> on these types of names.
>
> There are lots of things in ancient RFCs which probably do not
> make as much sense these days as they once did. 

I strongly suspect that this discussion, like many in the networking 
arena, are caused by a pack of fools not bothering to read the RFCs 
before plunging off on a tangent and then later calling their stupidity a 
'feature' rather than admitting they made a mistake.

Nothing about the advisability of using wild character sets in DNS names 
has changed except for the widespread misuse of it by a certain 
implementation that fails to enforce the RFC requirements.  This is not 
necessarily a good reason to adulterate FreeBSD.

I'm not arguing for or against any position, just making sure the 
conversation stays on track.  This is not a matter of FreeBSD being 
wrong, it's a matter of whether we want to follow Microsofts breakage.

> If there is a
> security issue in applications, they should get fixed regardless.
> All this heartburn over what the gethostbyname() library function
> chooses to believe from the DNS still doesn't address getting
> hostnames out of NIS or /etc/hosts.

Especially since we have a new implementation of gethostbyname on the way, 
from a programmer who doesn't suck.  That doesn't mean we won't have to 
fix the old one in 4.x, but it does mean we won't have to keep patching 
the old one with every other hairbrained DNS naming scheme (i.e. the Big5 
vs. UTF argument) some other batch of morons comes up with.

-- 

        Where am I, and what am I doing in this handbasket?

Wes Peters                                               wes at softweyr.com

More information about the freebsd-arch mailing list