Skip Menu |

This queue is for tickets about the Net-DNS CPAN distribution.

Report information
The Basics
Id: 37104
Status: rejected
Priority: 0/
Queue: Net-DNS
People
Owner: Nobody in particular
Requestors: ray [...] nominet.org.uk
Cc:
AdminCc:
Bug Information
Severity: Wishlist
Broken in: (no value)
Fixed in: (no value)
Attachments
PGP.sig
signature.asc

History Show all quoted text
  Wed Jun 25 15:32:44 2008 ray [...] nominet.org.uk - Ticket created
Subject: Feature Request - export and document DNS::Resolver::make_query_packet
Olaf, Would you please consider formally exporting make_query_packet or some sensible alias of it? It's very useful to be able to be able to make a request and then modify the header, etc, before it's sent. This would be useful for the DNSSEC compatibility project I'm working on and also for software like "fpdns" which generate odd DNS packets to test for borderline behaviour in DNS servers and proxies. cheers, Ray
  Thu Jun 26 13:25:18 2008 olaf [...] dacht.net - Correspondence added
Subject: Re: [rt.cpan.org #37104] Feature Request - export and document DNS::Resolver::make_query_packet
Date: Thu, 26 Jun 2008 19:24:44 +0200
To: bug-Net-DNS [...] rt.cpan.org
From: "Olaf M. Kolkman" <olaf [...] dacht.net>
Ray Bellis via RT wrote: Show quoted text
> Wed Jun 25 15:32:44 2008: Request 37104 was acted upon. > Transaction: Ticket created by raybellis > Queue: Net-DNS > Subject: Feature Request - export and document DNS::Resolver::make_query_packet > Broken in: (no value) > Severity: Wishlist > Owner: Nobody > Requestors: ray@nominet.org.uk > Status: new > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=37104 > > > > Olaf, > > Would you please consider formally exporting make_query_packet or some > sensible alias of it? > > > It's very useful to be able to be able to make a request and then modify > the header, etc, before it's sent. This would be useful for the DNSSEC > compatibility project I'm working on and also for software like "fpdns" > which generate odd DNS packets to test for borderline behaviour in DNS > servers and proxies. > >
Not saying no, but in what ways does the following not support your use case? $packet=Net::DNS::Packet->new(); $answer=$res->send($packet); (ai, a Ray and Roy at Nominet.. that will be confusing :-) ) --Olaf
Download signature.asc
application/pgp-signature 250b

Message body not shown because it is not plain text.

  Thu Jun 26 13:25:21 2008 The RT System itself - Status changed from 'new' to 'open'
  Fri Jun 27 03:05:41 2008 Ray.Bellis [...] nominet.org.uk - Correspondence added
Subject: Re: [rt.cpan.org #37104] Feature Request - export and document DNS::Resolver::make_query_packet
Date: Fri, 27 Jun 2008 08:05:24 +0100
To: bug-Net-DNS [...] rt.cpan.org
From: Ray.Bellis [...] nominet.org.uk
Show quoted text
> Not saying no, but in what ways does the following not support your use > case? > $packet=Net::DNS::Packet->new(); > $answer=$res->send($packet);
Doing that doesn't do the rest of the packet mangling (EDNS0, DO, TSIG) that $res->make_query_packet() does. Show quoted text
> (ai, a Ray and Roy at Nominet.. that will be confusing :-) )
It is for some :-) cheers, Ray
  Fri Jun 27 04:13:32 2008 olaf [...] dacht.net - Correspondence added
Subject: Re: [rt.cpan.org #37104] Feature Request - export and document DNS::Resolver::make_query_packet
Date: Fri, 27 Jun 2008 10:12:57 +0200
To: bug-Net-DNS [...] rt.cpan.org
From: Olaf Kolkman <olaf [...] dacht.net>
On Jun 27, 2008, at 9:05 AM, Ray.Bellis@nominet.org.uk via RT wrote: Show quoted text
> Queue: Net-DNS > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=37104 > >
>> Not saying no, but in what ways does the following not support your >> use >> case? >> $packet=Net::DNS::Packet->new(); >> $answer=$res->send($packet);
> > Doing that doesn't do the rest of the packet mangling (EDNS0, DO, > TSIG) > that $res->make_query_packet() does.
This is my last day at work before a 3 weeks vacation. Then there is IETF. I plan to work on Net:DNS and Net::DNS::SEC in August. I will pick this up later.
Download PGP.sig
application/pgp-signature 235b

Message body not shown because it is not plain text.

  Tue Dec 16 16:12:08 2008 OLAF [...] cpan.org - Correspondence added
Hello Ray, This has stalled much to long... and now I'm looking at this with a relatively fresh look. I was thinking to make it a Net::DNS::Packet class method but that will not work because it draws from the Resolver attributes. Besides, I am not quite sure how to offer the method to the general public in a way that makes sense. The problem is that if you were to feed it back to Net::DNS::Resolver the send method might undo some of the magic you tried to accomplish and that may cause all sort of behavior users might not expect. On the other hand.. I've added the following comment in the code: # # Keep this method around. Folk depend on it although its not documented and exported. # How do you use the method? You build a packet and then use the Resolver to send or do you do your own socket managing? Share your thoughts. --Olaf
  Wed Dec 17 05:18:02 2008 Ray.Bellis [...] nominet.org.uk - Correspondence added
Subject: Re: [rt.cpan.org #37104] Feature Request - export and document DNS::Resolver::make_query_packet
Date: Wed, 17 Dec 2008 10:17:47 +0000
To: bug-Net-DNS [...] rt.cpan.org
From: Ray.Bellis [...] nominet.org.uk
Show quoted text
> How do you use the method? You build a packet and then use the > Resolver to send or do you do your own socket managing?
My code looks like this: --8<--8<-- $request = $resolver->make_query_packet(@baseline); $packet = send_udp($request); sub send_udp($) { my $request = shift; $request->header->id($id++); my $response = $resolver->send_udp($request, $request->data); return undef if ($response->answerfrom ne $server); return $response; } --8<--8<-- where I've done this to ensure that for the purposes of my router testing that I *do* get sequential Query IDs, so that it's easy to correlate tcpdumps with the transmitted packets, and also to work around the way that the current version of Net::DNS doesn't do source IP validation (and therefore doesn't reject response packets sent from the wrong address). kind regards, Ray
  Thu Dec 18 04:05:45 2008 OLAF [...] cpan.org - Correspondence added
On Wed Dec 17 05:18:02 2008, Ray.Bellis@nominet.org.uk wrote: Show quoted text
> > How do you use the method? You build a packet and then use the > > Resolver to send or do you do your own socket managing?
> > My code looks like this: > > --8<--8<-- > $request = $resolver->make_query_packet(@baseline); > $packet = send_udp($request); > > sub send_udp($) > { > my $request = shift; > $request->header->id($id++); > my $response = $resolver->send_udp($request, $request->data); > return undef if ($response->answerfrom ne $server); > return $response; > } > --8<--8<-- > > where I've done this to ensure that for the purposes of my router testing > that I *do* get sequential Query IDs, so that it's easy to correlate > tcpdumps with the transmitted packets, and also to work around the way > that the current version of Net::DNS doesn't do source IP validation (and > therefore doesn't reject response packets sent from the wrong address). >
Ray, This seems to confirm that there is no easy way to provide a intuitive interface for the general user of the module... I'll turn this ticket into a whishlist item. That is as soon as I addressed source IP validation, which is a real bug. --Olaf
  Mon Apr 18 17:35:05 2016 rwfranks [...] acm.org - Correspondence added
From: rwfranks [...] acm.org
On Wed Dec 17 05:18:02 2008, Ray.Bellis@nominet.org.uk wrote: Show quoted text
> > How do you use the method? You build a packet and then use the > > Resolver to send or do you do your own socket managing?
> > My code looks like this: > > --8<--8<-- > $request = $resolver->make_query_packet(@baseline); > $packet = send_udp($request); > > sub send_udp($) > { > my $request = shift; > $request->header->id($id++); > my $response = $resolver->send_udp($request, $request->data); > return undef if ($response->answerfrom ne $server); > return $response; > } > --8<--8<-- > > where I've done this to ensure that for the purposes of my router testing > that I *do* get sequential Query IDs, so that it's easy to correlate > tcpdumps with the transmitted packets, and also to work around the way > that the current version of Net::DNS doesn't do source IP validation (and > therefore doesn't reject response packets sent from the wrong address). > > kind regards, > > Ray
There are two parts to the justification for this, neither of which appears to hold water. 1) Arbitrary modification of header content (specifically id, but generally applicable) my $resolver = Net::DNS::Resolver->new( nameserver => 'a.iana-servers.net' ); my $query = new Net::DNS::Packet( 'www.example.com', 'A' ); $query->header->id(1234); my $reply = $resolver->send($query); # calls make_query_packet $reply->print; ;; Answer received from 199.43.135.53 (97 bytes) ;; HEADER SECTION ;; id = 1234 ;; qr = 1 aa = 1 tc = 0 rd = 1 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 1 nscount = 2 arcount = 0 ;; do = 0 ;; QUESTION SECTION (1 record) ;; www.example.com. IN A ;; ANSWER SECTION (1 record) www.example.com. 86400 IN A 93.184.216.34 ;; AUTHORITY SECTION (2 records) example.com. 86400 IN NS a.iana-servers.net. example.com. 86400 IN NS b.iana-servers.net. ;; ADDITIONAL SECTION (0 records) Note the specified id 2) Source IP validation return undef if ($response->answerfrom ne $server); Unacheivable using Perl's socket implementation as it now stands. $response->answerfrom comes from $socket->peerhost which does *not* come from the IP packet header.
  Mon Apr 18 17:37:26 2016 rwfranks [...] acm.org - Correspondence added
From: rwfranks [...] acm.org
s/Unacheivable/Unachievable/
  Tue Jun 07 05:16:12 2016 NLNETLABS [...] cpan.org - Correspondence added
The desirability of this is obsolete now. There are now other ways to do the same..
  Tue Jun 07 05:16:18 2016 NLNETLABS [...] cpan.org - Status changed from 'open' to 'rejected'