[haiku-development] Re: Proposal: adding no-check-names to resolv.conf by default
- From: Julian Harnath <julian.harnath@xxxxxxxxxxxxxx>
- To: <haiku-development@xxxxxxxxxxxxx>
- Date: Wed, 2 Jul 2014 19:43:50 +0200
Ingo Weinhold <ingo_weinhold@xxxxxx> schrieb:
> Given the option's name, it might do more than just allow underscores
> in
> names. So it would be prudent to investigate a bit whether this might
> introduce a possible new attack vector.
Yeah, that's why I wrote the initial email, I hoped someone with
intimate knowledge of libbind could say whether it's a good idea to use
that option :)
It does seem like it would do more than necessary and thus it could be
problematic.
However, I have another solution now. As I wrote earlier, such names
resolve fine on other systems, including FreeBSD, and since they also
use libbind to resolve, I looked how they do it.
The part in question is in res_comp.c, Haiku's version is here [0],
FreeBSD's version here [1]. If you look around line ~150, FreeBSD
modified the "middlechar" macro to include "underscorechar", which
allows it to accept names with underscores in them. They also added an
#ifdef RES_ENFORCE_RFC1034 which disables the change again, but that
define is not set by default.
(the initial FreeBSD commit for the change is here [2])
So, how about we just use FreeBSD's solution?
[0]
http://cgit.haiku-os.org/haiku/tree/src/kits/network/libbind/resolv/res_comp.c
[1]
https://github.com/freebsd/freebsd/blob/0680c1f5fe159bba69a242568af0db7d7dc15a79/lib/libc/resolv/res_comp.c
ibc/resolv/res_comp.c
[2] http://svnweb.freebsd.org/base?view=revision&revision=176325
--
So long, jua
Other related posts:
