From owner-freebsd-net@FreeBSD.ORG Wed Feb 13 20:11:10 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6DA2116A46E; Wed, 13 Feb 2008 20:11:10 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.delphij.net (delphij-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:2c9::2]) by mx1.freebsd.org (Postfix) with ESMTP id 19F8513C44B; Wed, 13 Feb 2008 20:11:10 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.geekcn.org (unknown [202.108.54.204]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tarsier.delphij.net (Postfix) with ESMTP id 01FA928478; Thu, 14 Feb 2008 04:11:09 +0800 (CST) Received: from localhost (unknown [202.108.54.204]) by tarsier.geekcn.org (Postfix) with ESMTP id C4380EC3B99; Thu, 14 Feb 2008 04:11:08 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([202.108.54.204]) by localhost (mail.geekcn.org [202.108.54.204]) (amavisd-new, port 10024) with ESMTP id 27b6tJ4OdvPp; Thu, 14 Feb 2008 04:11:04 +0800 (CST) Received: from charlie.delphij.net (71.5.7.139.ptr.us.xo.net [71.5.7.139]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTP id 0A6E4EC384B; Thu, 14 Feb 2008 04:11:02 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:cc:subject:references:in-reply-to: x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=ieMK/gZ+8d8EXX8fH8NtqRSo9I8KDtf/weJYVsoPe0MKm29KGuyRW68MR9nZOhp/F goC2+6nRHkizyP7lvRv0A== Message-ID: <47B34ED4.6090302@delphij.net> Date: Wed, 13 Feb 2008 12:11:00 -0800 From: Xin LI Organization: The FreeBSD Project User-Agent: Thunderbird 2.0.0.9 (X11/20080122) MIME-Version: 1.0 To: =?ISO-2022-JP?B?SklOTUVJIFRhdHV5YSAvIBskQj9ATEBDIzpIGyhC?= References: <47B2488D.70707@delphij.net> In-Reply-To: X-Enigmail-Version: 0.95.5 OpenPGP: id=18EDEBA0; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, d@delphij.net, ume@FreeBSD.org Subject: [RESOLVED] Re: Strange resolver behavior X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Feb 2008 20:11:10 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 JINMEI Tatuya / 神明達哉 wrote: [snip] At the beginning I was confused with host(1) and resolver library, they are different problems, sorry for the confusion. I think Hajimu-san's analysis was correct that it was caused by the check in resolver, here is a ktrace output from a system without patched libc: http://www.delphij.net/kdump.txt Note that, with a patched (with ume@'s patch) resolver, the program *does* worked as expected, also this will make firefox to be able to resolve the domain name. Test program can be downloaded from http://www.delphij.net/test.c . With patched libc you will get no output (expected), and with unpatched libc you will get "Unknown server error" and will be unable to get the A RR. It turns out that the baidu.com DNS administrator might be unaware of the potential violation of RFC 952 "ASSUMPTIONS" and RFC 1034 Section 3.5. However, I am afraid that there are some DNS server implementations that does allow '_'s in domain names, so if there is no potential risks allowing it from the resolver side I think it might be a good idea to be more permissive for this case, because there are real uses of it, and other operating systems does allow it at the client side. Cheers, - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHs07Ui+vbBBjt66ARArTAAJ9bzw4f/tZ0LzH5QXQi9CM9nNr8egCdHprK fE6LNOaSyeGu/TadZqnF34w= =u82D -----END PGP SIGNATURE-----