Skip Menu |

This queue is for tickets about the Net-DNS CPAN distribution.

Report information
The Basics
Id: 105649
Status: rejected
Priority: 0/
Queue: Net-DNS
People
Owner: Nobody in particular
Requestors: tlhackque [...] yahoo.com
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: 0.82_02
Fixed in: (no value)

History Show all quoted text
  Fri Jul 03 13:01:07 2015 tlhackque [...] yahoo.com - Ticket created
Subject: errorstring doesn't report error detail
Consider the example used for Net::DNS::Reslover::axfr: $resolver->tsig( 'Khmac-sha1.example.+161+24053.private' ); @zone = $resolver->axfr( 'example.com' ); die 'Zone transfer failed: ', $resolver->errorstring unless @zone; Set system time of a client to the day before that of the server, and execute with a valid key and domain. Result will be: Zone transfer failed: RCODE from server: NOTAUTH This is the RCODE from the message header. It should reflect the Error field from the TSIG record [when non-zero], which is more specific (and more useful). E.g. Zone transfer failed: RCODE from server: BADTIME (Or perhaps "NOTAUTH (BADTIME)" for the pedantic.) The detailed error should be returned for all query types, not just axfr. (E.g. signed query()) Since this is a long-standing behavior, it may be advisable to make errorstring() return detailed error status conditionally - e.g. $res->errorstring(1).... This would avoid breaking any existing consumers. Note that (extended) errorstring should reflect the EXTENDED-RCODE if an OPT record is present in the response. When multiple error fields are present, the most severe should be returned. In general, this will be: TSIG Error (no processing happens in the server if TSIG fails) || OPT EXTENDED-RCODE (from 'TTL' MSB) << 4 | Message Header RCODE || Message Header RCODE
  Sun Jul 05 09:48:11 2015 rwfranks [...] acm.org - Correspondence added
From: rwfranks [...] acm.org
On Fri Jul 03 13:01:07 2015, tlhackque wrote: Show quoted text
> Consider the example used for Net::DNS::Reslover::axfr: > > $resolver->tsig( 'Khmac-sha1.example.+161+24053.private' ); > @zone = $resolver->axfr( 'example.com' ); > > die 'Zone transfer failed: ', $resolver->errorstring unless @zone; > > > Set system time of a client to the day before that of the server, and > execute with a valid key and domain. > > Result will be: > Zone transfer failed: RCODE from server: NOTAUTH >
The server apparently will not play ball. This is the principal error and is generated in the resolver. Show quoted text
> Note that (extended) errorstring should reflect the EXTENDED-RCODE if > an OPT record is present in the response.
Existing implementation already does. Show quoted text
> When multiple error fields are present, the most severe should be > returned.
Which is exactly what happened. The multiple errors either occur at different times and different places in the code, or are mutually exclusive. Failure is reported at the earliest point in the process. As TSIG only occurs between consenting parties in private. All the information is available for failure analysis, which is an entirely local matter. There is no compelling justification for changing the existing error reporting arrangements in this case.
  Sun Jul 05 09:48:12 2015 The RT System itself - Status changed from 'new' to 'open'
  Wed Aug 26 16:47:48 2015 NLNETLABS [...] cpan.org - Status changed from 'open' to 'rejected'