Potential pitfalls in DNS handling [LWN.net]

Potential pitfalls in DNS handling

Posted Nov 15, 2012 18:14 UTC (Thu) by paulj (subscriber, #341)
In reply to: Potential pitfalls in DNS handling by epa
Parent article: Potential pitfalls in DNS handling

Anything is allowed in DNS labels? Was that always the case, because RFC1035 says this in section 2.3.1 on "Preferred name syntax" - on names in DNS generally:

"Note that while upper and lower case letters are allowed in domain names, no significance is attached to the case. That is, two names with the same spelling but different case are to be treated as if identical.
The labels must follow the rules for ARPANET host names. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphen. There are also some restrictions on the length. Labels must be 63 characters or less."

(Log in to post comments)

Potential pitfalls in DNS handling

Posted Nov 15, 2012 20:10 UTC (Thu) by bjencks (subscriber, #80303) [Link]

Further up 2.3.1 it says:

"For example, when naming a mail domain, the user should satisfy both the rules of this memo and those in RFC-822. When creating a new host name, the old rules for HOSTS.TXT should be followed. This avoids problems when old software is converted to use domain names.

The following syntax will result in fewer problems with many applications that use domain names (e.g., mail, TELNET)."

and proceeds to describe the rules you quoted, indicating that those rules are guidelines for maximum interoperability, not MUST specifications of the protocol. Section 3.1 reinforces this:

"Although labels can contain any 8 bit values in octets that make up a label, it is strongly recommended that labels follow the preferred syntax described elsewhere in this memo, which is compatible with existing host naming conventions."

Potential pitfalls in DNS handling

Posted Nov 16, 2012 10:24 UTC (Fri) by paulj (subscriber, #341) [Link]

Interesting. Which means RFC1035 is surely inconsistent on this, given 2.3.1 says "the labels must" - a "must" that isn't actually a "must". But as someone else points out, RFC2181 §11 clearly states binary is allowed.

Potential pitfalls in DNS handling

Posted Nov 16, 2012 19:11 UTC (Fri) by hawk (subscriber, #3195) [Link]

I think the point there is that section 2.3.1 of RFC1035 (http://tools.ietf.org/html/rfc1035#section-2.3.1) is not describing the capabilities of the actual DNS protocol but rather what names should be used to achieve compatibility with existing systems.

This article is really about what kind of data you can get back in a (still correctly formatted) DNS response. It's important to note that even though the DNS protocol can carry anything there may still be application specific naming rules that prevents the full-on "any byte is valid" in a specific context.

(The article does have an unfortunate mixup (that's my take on it, anyway) where hostname name rules and DNS protocol name rules seem to be considered the same thing. See my comment regarding this: http://lwn.net/Articles/525471/)

Potential pitfalls in DNS handling

Posted Nov 22, 2012 6:40 UTC (Thu) by magfr (guest, #16052) [Link]

The problem with application specific rules is that a cracker could choose to not adhere to them so the problem is still there and the application have to be prepared for everything that the protocol can transport.

Note that everything the protocol can transport might be a superset of what the protocol allows.