Date: Tue, 23 Sep 2008 13:15:24 -0700 (PDT) From: "Eugene M. Kim" <20080111.freebsd.org@ab.ote.we.lv> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/127591: [PATCH] [libc/net] spurious warning against DNAME RRs in getaddrinfo() and gethostby*() Message-ID: <200809232015.m8NKFO1b035318@purple.the-7.net> Resent-Message-ID: <200809232020.m8NKK1ce095074@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 127591 >Category: bin >Synopsis: [PATCH] [libc/net] spurious warning against DNAME RRs in getaddrinfo() and gethostby*() >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Sep 23 20:20:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Eugene M. Kim >Release: FreeBSD 7.1-PRERELEASE i386 >Organization: >Environment: System: FreeBSD purple.the-7.net 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #4: Wed Sep 10 17:25:31 PDT 2008 ab@purple.the-7.net:/home/FreeBSD/build/RELENG_7/obj/home/FreeBSD/build/RELENG_7/src/sys/PURPLE i386 >Description: DNS DNAME RRs (as defined in RFC 2672) provides a mechanism for non-terminal name redirection. For example, www.the-7.com does not exist in DNS but the-7.com has a DNAME alias to the-7.net; looking up www.the-7.com for an A record would return: $ dig www.the-7.com IN A +noall +answer ; <<>> DiG 9.4.2-P1 <<>> www.the-7.com IN A +noall +answer ;; global options: printcmd the-7.com. 300 IN DNAME the-7.net. www.the-7.com. 0 IN CNAME www.the-7.net. www.the-7.net. 300 IN CNAME purple.the-7.net. purple.the-7.net. 300 IN A 64.71.156.34 $ (The nameserver, upon receiving a request that matches a DNAME, returns the DNAME and a synthesized CNAME.) When src/libc/net/{getaddrinfo,gethostbydns}.c examines this result, they see the DNAME record and emits a warning over auth.notice syslog, which shows up in /var/log/messages and /var/log/auth.log by default. These warnings are benign (as the server returns a synthesized CNAME that correctly leads to the targeted name), but on a heavy-loaded server they add up quickly and bloats the log size. >How-To-Repeat: $ /sbin/ping www.the-7.com ... ^C $ fgrep 'www.the-7.com' /var/log/messages | tail -1 Sep 23 12:18:43 purple ping: gethostby*.gethostanswer: asked for "www.the-7.com IN A", got type "DNAME" $ >Fix: $ patch -d /usr/src << 'ENDEND' --- - 2008-09-23 12:53:26.119657584 -0700 +++ lib/libc/net/getaddrinfo.c 2008-09-23 12:23:00.143769940 -0700 @@ -1884,7 +1884,7 @@ } } else if (type != qtype) { #ifdef DEBUG - if (type != T_KEY && type != T_SIG) + if (type != T_KEY && type != T_SIG && type != ns_t_dname) syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", qname, p_class(C_IN), p_type(qtype), --- - 2008-09-23 12:53:45.223733999 -0700 +++ lib/libc/net/gethostbydns.c 2008-09-23 12:22:03.243899560 -0700 @@ -294,7 +294,7 @@ continue; } if (type != qtype) { - if (type != T_SIG) + if (type != T_SIG && type != ns_t_dname) syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.gethostanswer: asked for \"%s %s %s\", got type \"%s\"", qname, p_class(C_IN), p_type(qtype), ENDEND >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809232015.m8NKFO1b035318>