-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't return an empty label from to_domain_name #54
Conversation
Is this really an issue with this library or the ocaml-dns consumer? If this library, the documentation will need updating as well. I'm inclined to believe that the current implementation is correct and the consumer should be changed but maybe not. We need an IDN library. |
I did consider that, and yes Dns.Name.of_ipaddr could be changed to something like: let of_ipaddr ip = of_string_list (Ipaddr.to_domain_name ip |> List.filter (fun s -> s <> "")) (that was just a quick hack that did fix gethostbyaddr) But I didn't find code anywhere in ocaml-dns that supports the convention that a list of strings ending in "" signifies an FQDN, so that's why I filed it here. By documentation update, do you mean: (** [to_domain_name ipv4] is the domain name label list for reverse
lookups of [ipv4]. This includes the [.in-addr.arpa] suffix. *) ? |
That is what I mean by documentation update, yes. I think ocaml-dns should be made compatible with FQDNs in general and, if that is not practical in the short term, should be made to deal with this interface. Is that off-the-mark? Maybe the FQDN/PQDN distinction is irrelevant here and we should drop the trailing |
Yeah maybe ocaml-dns should also be changed to prevent creation of a bad Name.t. Maybe others can upvote/downvote this PR? |
see mirage/ocaml-dns#137 where this issue indeed comes up again |
if anyone is still listening, i just factored out my |
the domain-name interface looks good to me. Only query that came up when I read it was why you need a |
@avsm AFAI understand, case-sensitive |
@avsm as @cfcs mentioned, entropy in DNS queries is pretty low -- 16 bit from DNS transaction ID, which means you need 65k packets for a collision -- so people use 1 bit entropy for each alphabetic character in the query, and servers are supposed to send the same domain-name back to the client (i.e. mIrAgE.iO will be echoed) -- this way there's more entropy. now, this is only relevant for a client issuing a DNS request, and awaiting a reply, and it is brittle since some DNS servers ignore casing and respond with all uppercase (or all lowercase) letters. the result is: it is a good idea to provide both comparisons in a domain-name library, and maybe even a function "randomize_casing" (which then requires a RNG) from Domain_name.t -> Domain_name.t. |
Fixed via #88 |
Fixes #53