Re: RFC 2119 section 6

Kevin Darcy <kcd@daimlerchrysler.com> Thu, 12 July 2001 04:43 UTC

From: Kevin Darcy <kcd@daimlerchrysler.com>
To: namedroppers@ops.ietf.org
Subject: Re: RFC 2119 section 6
Message-Id: <E15KY3J-0006OT-00@psg.com>
Date: Wed, 11 Jul 2001 21:26:13 -0700

Andreas Borchert wrote:

> On Wed, Jul 11, 2001 at 12:20:06AM -0700, Robert Elz wrote:
> >     Date:        Tue, 10 Jul 2001 18:13:07 -0700
> >     From:        "D. J. Bernstein" <djb@cr.yp.to>
> >     Message-ID:  <E15K8Yt-000IXm-00@psg.com>
> >
> >   | I have thousands of sites whose administrators don't want to be forced
> >   | to upgrade their working DNS software.
> >
> > This is a nonsense argument - before anyone would possibly be required
> > to upgrade their working software because of changes to AXFR that put
> > something different in the auth/additional sections than what is in
> > the answer section, all those administrators are going to have upgraded
> > their software for other reasons anyway (and not necessarily all for the
> > same one).
>
> This argument is not nonsense for administrators using djbdns and
> other software packages from the same author. Dan designs his software
> packages to be minimal, fast, and secure which allows him to keep them
> stable for a long time.

What's "minimal" about looking for zone data in sections where it doesn't
belong? Section-agnosticism is not necessary for minimalism, security or
performance, it's just a "feature" Dan made up to justify a fairly mundane
design decision he made in his AXFR client which in hindsight probably should
have been done a different way.


- Kevin

P.S. ($500 to the first person who proves that the following compromises
security or substantially impacts performance. As is usual with such
guarantees, my judgment is final as to whether a security-compromise or
substantial-performance-impact in fact exists.)

*** axfr-get.c.old      Sun Jan 21 21:51:44 2001
--- axfr-get.c  Wed Jul 11 21:03:38 2001
***************
*** 352,357 ****
--- 352,358 ----

      pos = x_copy(packet.s,packet.len,0,out,12);
      uint16_unpack_big(out + 4,&numqueries);
+     uint16_unpack_big(out + 6,&numanswers);

      while (numqueries) {
        --numqueries;
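Review bot: the added `uint16_unpack_big(out + 6,&numanswers);` line uses `numanswers`, but no hunk in this patch declares it; unless the variable already exists in axfr-get.c, a declaration next to `numqueries` is needed for the patch to build as posted. A one-line comment that offset 6 of the 12-byte header is the answer count (as offset 4 is the question count) would help, and since the counts at offsets 8 and 10 stay unread, the comment should say that records outside the answer section are intentionally not examined.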
***************
*** 358,366 ****
        pos = x_skipname(packet.s,packet.len,pos);
        pos += 4;
      }
!     while (pos < packet.len) {
        pos = doit(packet.s,packet.len,pos);
!       if (!pos) die_parse();
      }
    }

--- 359,368 ----
        pos = x_skipname(packet.s,packet.len,pos);
        pos += 4;
      }
!     while (numanswers) {
!       --numanswers;
        pos = doit(packet.s,packet.len,pos);
!       if (!pos || (pos > packet.len)) die_parse();
      }
    }
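Review bot: in the replacement loop, `doit(packet.s,packet.len,pos)` is now called before any bounds check on `pos`, whereas the old `while (pos < packet.len)` guard only let it run on an in-range position. If the header's answer count is larger than the number of records actually in the packet, or the `pos += 4` in the question loop has already stepped past the end, `doit` is entered with `pos >= packet.len`, and the `pos > packet.len` test fires only after it returns, so safety rests entirely on `doit` rejecting that input itself. Suggest `if (pos >= packet.len) die_parse();` at the top of the loop body, or looping on `numanswers && pos < packet.len` and calling `die_parse()` if `numanswers` is still non-zero afterwards. A comment noting that bytes after the counted answers are now skipped unparsed would document the behaviour change.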