> On 17 Aug 2021, at 4:17 pm, Tony Finch <[email protected]> wrote:
>
> So I don't think the problems can be dismissed as simply application bugs:
> the problems come from mismatches in expectations at the boundary between
> the DNS and the applications. And the DNS is notorious (the subject of
> memes!) for being far too difficult to use correctly.

I remain unconvinced. The DNS-library's job is to accurately return the
DNS query payload to the application. If the application further expects
some particular syntax, then it needs to check for that, e.g.:

https://github.com/vdukhovni/postfix/blob/master/postfix/src/util/valid_hostname.c#L28-L34

    valid_hostname() scrutinizes a hostname: the name should be no
    longer than VALID_HOSTNAME_LEN characters, should contain only
    letters, digits, dots and hyphens, no adjacent dots, no leading
    or trailing dots or hyphens, no labels longer than VALID_LABEL_LEN
    characters, and it should not be all numeric.

https://github.com/vdukhovni/postfix/blob/master/postfix/src/util/valid_utf8_hostname.c#L13-L17

    valid_utf8_hostname() is a wrapper around valid_hostname().
    If EAI support is compiled in, and enable_utf8 is true, the
    name is converted from UTF-8 to ASCII per IDNA rules, before
    invoking valid_hostname().

https://github.com/vdukhovni/postfix/blob/master/postfix/src/dns/dns_lookup.c#L80-L86

    dns_lookup() looks up DNS resource records. When requested to
    look up data other than type CNAME, it will follow a limited
    number of CNAME indirections. All result names (including
    null terminator) will fit a buffer of size DNS_NAME_LEN.
    All name results are validated by \fIvalid_hostname\fR();
    an invalid name is reported as a DNS_INVAL result, while
    malformed replies are reported as transient errors.

This is not particularly different from other sorts of input validation
needed to avoid SQL injection attacks, shell command injection attacks,
and so forth.

    $ git grep -Ecw 'valid(_utf8)?_hostname' 'src/*.c' | sort -t: -k2nr
    src/util/valid_utf8_hostname.c:13
    src/util/valid_hostname.c:9
    src/dns/dns_lookup.c:6
    src/smtpd/smtpd_check.c:6
    src/util/midna_domain.c:6
    src/smtp/smtp_tls_policy.c:5
    src/smtpd/smtpd.c:5
    src/global/mail_params.c:3
    src/util/get_hostname.c:3
    src/util/host_port.c:3
    src/global/midna_adomain.c:2
    src/postqueue/postqueue.c:2
    src/postscreen/postscreen_dnsbl.c:2
    src/smtpstone/qmqp-source.c:2
    src/smtpstone/smtp-source.c:2
    src/tls/tls_misc.c:2
    src/trivial-rewrite/resolve.c:2
    src/util/myaddrinfo.c:2
    src/dnsblog/dnsblog.c:1
    src/global/haproxy_srvr.c:1
    src/global/mail_queue.c:1
    src/global/valid_mailhost_addr.c:1
    src/oqmgr/qmgr_message.c:1
    src/qmgr/qmgr_message.c:1

--
    Viktor.
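
Added example, not part of the original message and not Postfix's code: a minimal C validator that applies the hostname rules quoted in the message to a name taken from a DNS reply before the application uses it. The function name, the `EX_` macros and their values (255 and 63, the usual DNS limits) are assumptions, as is applying the hyphen rule at every label boundary.

```c
#include <stdio.h>
#include <string.h>

/* Assumed limits (the usual DNS maxima); the message names only the macros. */
#define EX_HOSTNAME_MAX 255
#define EX_LABEL_MAX    63

/* Hypothetical helper: returns 1 if name passes the quoted rules, else 0. */
int example_valid_hostname(const char *name)
{
    size_t len = strlen(name), label_len = 0, i;
    int non_numeric = 0;

    if (len == 0 || len > EX_HOSTNAME_MAX)
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char ch = (unsigned char) name[i];

        if (ch == '.') {
            if (label_len == 0)      /* leading dot or adjacent dots */
                return 0;
            label_len = 0;
            continue;
        }
        if (ch == '-') {
            /* Assumption: no hyphen at the start or end of any label. */
            if (label_len == 0 || i + 1 == len || name[i + 1] == '.')
                return 0;
            non_numeric = 1;
        } else if ((ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z')) {
            non_numeric = 1;
        } else if (ch < '0' || ch > '9') {
            return 0;                /* space, quote, ';', byte >= 0x80, ... */
        }
        if (++label_len > EX_LABEL_MAX)
            return 0;
    }
    return label_len > 0 && non_numeric;  /* no trailing dot, not all numeric */
}

int main(void)
{
    /* Constructed sample names, as an application might receive from a lookup. */
    const char *samples[] = { "mail.example.com", "a..example", "192.0.2.1", "x.example;id" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s %s\n", samples[i], example_valid_hostname(samples[i]) ? "ok" : "rejected");
    return 0;
}
```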
