Opened 4 weeks ago

Closed 4 weeks ago

#2200 closed defect (fixed)

Ignore/discard DNS SRV response with truncated flag set

Reported by: riza
Owned by: riza
Priority: normal
Milestone: release-2.9
Component: pjlib-util
Version: trunk
Keywords:
Cc:
Backport to 1.x milestone:
Backported: no

Description

The standard stated:

DNS resolvers and recursive servers MUST support UDP, and
SHOULD support TCP, for sending (non-zone-transfer) queries.
Specifically, a DNS resolver or server that is sending a
non-zone-transfer query MUST send a UDP query first.  If the
Answer section of the response is truncated and if the
requester supports TCP, it SHOULD try the query again using
TCP.

.........
         
Truncated responses MUST NOT be saved (cached) and later
used in such a way that the fact that they are truncated is
lost.

Instead of following up with a TCP query, which is unsupported, the library currently follows up with a DNS A query. Based on the recommendation above, it's better to discard the response and raise an error.

Thanks to Daniel Schopf for the report.
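
The check described in this ticket, sketched as an added example (not pjlib-util's code and not part of the original ticket): classify a UDP reply to an SRV query from its 12-byte header, testing the TC bit before anything else is interpreted. All names are hypothetical, the sample headers are constructed, and the rule that an A-query fallback is only acceptable for a complete reply reporting no SRV records is an assumption of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for this example; none of them are pjlib-util's. */
enum srv_action { SRV_USE_ANSWER, SRV_FALLBACK_A, SRV_FAIL_TRUNCATED, SRV_FAIL_OTHER };

/* Flag bits in the second 16-bit word of the DNS header (RFC 1035, 4.1.1). */
#define DNS_FLAG_QR        0x8000u  /* 1 = response */
#define DNS_FLAG_TC        0x0200u  /* 1 = message was truncated */
#define DNS_RCODE_MASK     0x000Fu
#define DNS_RCODE_NXDOMAIN 3u

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Decide what to do with a UDP reply to an SRV query, from its header alone.
 * Assumption of this sketch: falling back to an A query is acceptable only
 * when a complete (non-truncated) reply says there are no SRV records. */
enum srv_action classify_srv_reply(const uint8_t *pkt, size_t len, uint16_t query_id)
{
    uint16_t flags, rcode, ancount;
    if (pkt == NULL || len < 12) return SRV_FAIL_OTHER;     /* no full header */
    if (rd16(pkt) != query_id) return SRV_FAIL_OTHER;       /* not our query */
    flags = rd16(pkt + 2);
    if (!(flags & DNS_FLAG_QR)) return SRV_FAIL_OTHER;      /* not a response */
    /* TC first: a truncated answer must not be cached or read as "no SRV". */
    if (flags & DNS_FLAG_TC) return SRV_FAIL_TRUNCATED;
    rcode = flags & DNS_RCODE_MASK;
    ancount = rd16(pkt + 6);
    if (rcode == DNS_RCODE_NXDOMAIN || (rcode == 0 && ancount == 0))
        return SRV_FALLBACK_A;
    if (rcode != 0) return SRV_FAIL_OTHER;                  /* e.g. SERVFAIL */
    return SRV_USE_ANSWER;
}

/* Constructed sample headers (ID 0x1234, QDCOUNT 1); not captured traffic. */
static const uint8_t hdr_complete[12]  = {0x12,0x34, 0x81,0x80, 0,1, 0,2, 0,0, 0,0};
static const uint8_t hdr_truncated[12] = {0x12,0x34, 0x83,0x80, 0,1, 0,0, 0,0, 0,0};
static const uint8_t hdr_no_srv[12]    = {0x12,0x34, 0x81,0x83, 0,1, 0,0, 0,0, 0,0};

int main(void)
{
    printf("complete=%d truncated=%d no_srv=%d\n",
           classify_srv_reply(hdr_complete, 12, 0x1234),
           classify_srv_reply(hdr_truncated, 12, 0x1234),
           classify_srv_reply(hdr_no_srv, 12, 0x1234));
    return 0;
}
```

The truncated sample deliberately carries ANCOUNT 0: without the TC check it would look like "no SRV records" and trigger the A-query fallback the ticket describes.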

Change History (1)

comment:1 Changed 4 weeks ago by riza

  • Owner set to riza
  • Resolution set to fixed
  • Status changed from new to closed

In 6000:

Close #2200: Ignore/discard DNS SRV response with truncated flag set.
