bugzilla-daemon at bugzilla
Nov 5, 2009, 8:41 AM
Post #1 of 1
(55 views)
Permalink
|
|
[Bug 6232] New: Net::DNS inconsistent in use of presentation/wire format in packets, breaks DnsResolver
|
|
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6232
Summary: Net::DNS inconsistent in use of presentation/wire
format in packets, breaks DnsResolver
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: Libraries
AssignedTo: dev[at]spamassassin.apache.org
ReportedBy: Mark.Martinec[at]ijs.si
As Warren Togami reported, URIBL queries with non-ascii labels break the
DnsResolver.pm. The effect is that when an answer packet is received from
a resolver, its query section fails to match the id with which we created
and remembered the query and the reply packet is ignored, while the query
is still pending until it eventually times out, without providing an answer.
This delays URIBL resolving up to rbl_timeout seconds.
The core of the problem seems to in Net::DNS, which is inconsistent in
its choice between raw (wire) bytes vs. ascii-ized (presentation) form
for data in its Net::DNS::Packet object, specifically in its 'question'
field. It allows a caller to supply arbitrary bytes when creating
a packet (which is fine, DSN is fully transparent for any bytes),
but when an answer packet is received, it ascii-izes its query section
and stores it in the object, instead of keeping it in the raw format.
The following test program illustrates the problem, displaying the
first (the only) entry in the 'question' section, both for our generated
query packet, and also for the question section of a reply packet:
#!/usr/bin/perl
use strict;
use Net::DNS;
sub query($) {
my($query_domain) = @_;
my($packet) = Net::DNS::Packet->new($query_domain, "A", "IN");
my($res) = Net::DNS::Resolver->new;
my($answer) = $res->send($packet) or die "send failed: $!";
printf("\n%s\n", $query_domain);
printf("query: %s\n", ($packet->question)[0]->qname);
printf("reply: %s\n", ($answer->question)[0]->qname);
}
query("example.jp.multi.uribl.com");
query("\xE6\x97\xA5\xE6\x9C\xAC\xE8\xAA\x9E.jp.multi.uribl.com");
and the result:
example.jp.multi.uribl.com
query: example.jp.multi.uribl.com
reply: example.jp.multi.uribl.com
æ¥æ¬èª.jp.multi.uribl.com
query: æ¥æ¬èª.jp.multi.uribl.com
reply: \230\151\165\230\156\172\232\170\158.jp.multi.uribl.com
The first one is fine, the question section on the answer packet exactly
matches the question section of a query packet. The second case is a
mismatch, the question section of an answer packet has characters
converted into their *decimal* code (which is a habit in DSN zones).
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
|
