View Issue Details

IDProjectCategoryView StatusLast Update
0002843unrealircdpublic2006-04-02 15:15
ReporterBockAssigned Tosyzop 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformallOSWindowsOS Version2003
Product Version3.2.4 
Target VersionFixed in Version3.2.5 
Summary0002843: don't resolve correct all hostnames
Descriptionunreal 3.2.4 don't resolve correct all hostnames.

-› Unreal3.2.4. nol.bynets.org FinWXeOoZE [Windows Server 2003 Service Pack 1=2307]
-nol.bynets.org- OpenSSL 0.9.8a 11 Oct 2005
-nol.bynets.org- zlib 1.2.3
-nol.bynets.org- libcurl/7.15.2-CVS OpenSSL/0.9.8a c-ares/1.3.0
-› Protocols supported: (SAFELIST HCN MAXCHANNELS=25 CHANLIMIT=#:25 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 WALLCHOPS WATCH=128)
-› Protocols supported: (SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVCuzNSMTG NETWORK=ByNets CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=~&@%+ EXCEPTS INVEX CMDS=KNOCK,MAP,DCCALLOW,USERIP)

-> Server: dns l
-› DNS CACHE List (1 items):
-› wax.net1.by [10.222.1.60]
-> Server: dns i
-› DNS Configuration info:
-› c-ares version 1.3.0

but:
 -nol.bynets.org- *** Notice -- Client connecting on port 6667: bock_ (bock@10.222.0.5) [clients]

-> Server: dns l
-› DNS CACHE List (1 items):
-› blackflag.net1 [10.222.0.5]
Steps To Reproducebock@blackflag:~(/home/bock)> host 10.222.0.5
5.0.222.10.in-addr.arpa domain name pointer search.net1.
5.0.222.10.in-addr.arpa domain name pointer blackflag.net1.
5.0.222.10.in-addr.arpa domain name pointer www.net1.
5.0.222.10.in-addr.arpa domain name pointer forum.net1.
5.0.222.10.in-addr.arpa domain name pointer fserv.net1.


bock@blackflag:~(/home/bock)> host blackflag.net1
blackflag.net1 has address 10.222.0.5
bock@blackflag:~(/home/bock)> host fserv.net1
fserv.net1 is an alias for blackflag.net1.
blackflag.net1 has address 10.222.0.5
Additional InformationNames, that ends by "net1" can't resolve by unreal, but resolve hybrid. With "net1.by" no problems. On all servers dns server: 10.222.0.100 (bind9).

F:\Documents and Settings\Administrator>nslookup
Default Server: ircserv.net1
Address: 10.222.0.100

> blackflag.net1
Server: ircserv.net1
Address: 10.222.0.100

Name: blackflag.net1
Address: 10.222.0.5

> 10.222.0.5
Server: ircserv.net1
Address: 10.222.0.100

Name: blackflag.net1
Address: 10.222.0.5


Or it trouble of c-ares?
TagsNo tags attached.
3rd party modulesno

Activities

Bock

2006-03-03 12:33

reporter   ~0011322

bock@blackflag:~(/home/bock)> host 10.222.0.5
5.0.222.10.in-addr.arpa domain name pointer search.net1.
5.0.222.10.in-addr.arpa domain name pointer blackflag.net1.
5.0.222.10.in-addr.arpa domain name pointer www.net1.
5.0.222.10.in-addr.arpa domain name pointer forum.net1.
5.0.222.10.in-addr.arpa domain name pointer fserv.net1.


bock@blackflag:~(/home/bock)> host blackflag.net1
blackflag.net1 has address 10.222.0.5
bock@blackflag:~(/home/bock)> host fserv.net1
fserv.net1 is an alias for blackflag.net1.
blackflag.net1 has address 10.222.0.5

And whois:
[20:31:12] -› Whois report for Bock (Samets Anton)
[20:31:12] -› Address: wax@wax.net1.by
[20:31:12] -› Bock is using modes +iowghaAsNWz +kcfjveGqSso
[20:31:12] -› Bock is connecting from *@wax.net1.by 10.222.1.60
[20:31:12] -› Channels: @#opers
[20:31:12] -› Server: nol.bynets.org, Your Server Information
[20:31:12] -› Status: Network Administrator
[20:31:12] -› Bock is available for help.
[20:31:12] -› Bock is using a Secure Connection
[20:31:12] -› Bock Don't ask me, why I hate you...
[20:31:12] -› Idle: 3mins 20secs, signed on 20mins 58secs ago
[20:31:12] •• ••› ••›› (/whois Bock) ••››› ••››››
[20:31:14] •• ••› ••›› (/whois bock_) ••››› ••››››
[20:31:14] -› Whois report for bock_ (bock)
[20:31:14] -› Address: bock@10.222.0.5
[20:31:14] -› bock_ is using modes +iw
[20:31:14] -› bock_ is connecting from *@10.222.0.5 10.222.0.5
[20:31:14] -› Channels: #opers
[20:31:14] -› Server: nol.bynets.org, Your Server Information
[20:31:14] -› Idle: 8mins 35secs, signed on 8mins 40secs ago
[20:31:14] •• ••› ••›› (/whois bock_) ••››› ••››››

stskeeps

2006-03-21 08:56

reporter   ~0011403

I see no reason for supporting multiple IN PTR's for in-addr.arpa records.

Bock

2006-03-21 09:25

reporter   ~0011404

trouble not in multiply records, unreal must give one of them (like round-robin). Special for you I do one record. ex: 10.222.0.10 - host.net1 and unreal don't resolve them.

syzop

2006-03-21 13:36

administrator   ~0011405

I second stskeeps, there's no way we are going to support multiple PTR's in reverse dns. It's bad, discouraged, unworkable, and just plain ugly.
We are just handling them like pretty much all applications.

It seems you (Bock) are suggesting "we should pick one of them", indeed, that is exactly how it works.. and it works fine:
# host 192.168.10.144
144.10.168.192.in-addr.arpa domain name pointer multiptr2.testnet.
144.10.168.192.in-addr.arpa domain name pointer multiptr3.testnet.
144.10.168.192.in-addr.arpa domain name pointer multiptr4.testnet.
144.10.168.192.in-addr.arpa domain name pointer multiptr1.testnet.
vulnscan:~# host multiptr1.testnet.
multiptr1.testnet has address 192.168.10.144
vulnscan:~# host multiptr2.testnet.
multiptr2.testnet has address 192.168.10.144
vulnscan:~# host multiptr3.testnet.
multiptr3.testnet has address 192.168.10.144
vulnscan:~# host multiptr4.testnet.
multiptr4.testnet has address 192.168.10.144

vulnscan:~# nc -s 192.168.10.144 192.168.5.220 6667
:maintest.test.net NOTICE AUTH :*** Looking up your hostname...
user x x x x
nick woekel
:maintest.test.net 001 woekel :Welcome to the TestNet IRC Network woekel!root@multiptr1.testnet

vulnscan:~# nc -s 192.168.10.144 192.168.5.220 6667
:maintest.test.net NOTICE AUTH :*** Looking up your hostname...

user x x x x
nick woekel
:maintest.test.net 001 woekel :Welcome to the TestNet IRC Network woekel!root@multiptr4.testnet

etc etc

(naturally, entries are cached).

So I don't see any bug....

Bock

2006-03-21 16:48

reporter   ~0011407

Bug only with a hostname "net1".
I can gie you shell or you can make testnet.net1 and test it.

syzop

2006-03-21 16:51

administrator   ~0011408

ok ok, do that.. mail details to syzop@vulnscan.org

I'll check tomorrow (or Thursday) ;p

syzop

2006-03-22 06:27

administrator   ~0011414

Hm, I (somehow) didn't notice you were talking about windows (why is OS set to 'all'??)
Could very simply be a windows c-ares or windows dns issue then.

syzop

2006-03-22 14:23

administrator   ~0011415

Last edited: 2006-03-22 14:24

hm ack @ his Linux

Will investigate more soon (Thursday/Friday)

syzop

2006-04-02 15:15

administrator   ~0011464

Fixed in CVS.

- Fixed (unimportant) DNS resolver problem if using some LAN domains with digits at end, reported by Bock (0002843).

In short, it happened because your domainname is .net1 (the digit at end). Some RFC's say this is illegal (RFC2396) btw.. But I've simply enhanced our check to allow it anyway.

Issue History

Date Modified Username Field Change
2006-03-03 12:30 Bock New Issue
2006-03-03 12:30 Bock 3rd party modules => no
2006-03-03 12:33 Bock Note Added: 0011322
2006-03-21 08:56 stskeeps Note Added: 0011403
2006-03-21 09:25 Bock Note Added: 0011404
2006-03-21 13:36 syzop Note Added: 0011405
2006-03-21 16:48 Bock Note Added: 0011407
2006-03-21 16:51 syzop Note Added: 0011408
2006-03-22 06:27 syzop Note Added: 0011414
2006-03-22 06:30 syzop OS all => Windows
2006-03-22 06:30 syzop OS Version all => 2003
2006-03-22 14:23 syzop Note Added: 0011415
2006-03-22 14:23 syzop Status new => acknowledged
2006-03-22 14:24 syzop Note Edited: 0011415
2006-04-02 15:15 syzop Status acknowledged => resolved
2006-04-02 15:15 syzop Fixed in Version => 3.2.5
2006-04-02 15:15 syzop Resolution open => fixed
2006-04-02 15:15 syzop Assigned To => syzop
2006-04-02 15:15 syzop Note Added: 0011464