(usagi-users 03697) Re: glibc getaddrinfo can resolve addresses of different hosts in case of search domains are used in /etc/resolv.conf - bug or feature?

[Vlad Yasevich <vladislav.yasevich@xxxxxx>]

On Tue August 22 2006 08:00, Peter Bieringer wrote:
> Hi,
>
> after some discussions with people from Red Hat I'm still not able to
> convince them that the behavior of getaddrinfo in glibc is buggy, if
> search domains in /etc/resolv.conf are specified.
>
> Currently, it can return IPv6 and IPv4 addresses of different hosts,
> depending what happen during AAAA lookups while appending a search
> domain. If successful, application gets back e.g.
>
>  AAAA fec0::1 (www.redhat.com.intranet.domain.example)
>  A 66.187.224.150 (www.redhat.com)
>
> Not good, if application prefers IPv6...it connects unexpected to the
> wrong host.
>
>
> Me was told inbetween (and a short look into the source code shows like
> that), that getaddrinfo uses DNS lookups more abstract and it can't be
> fixed in an easy manner.
>
> Last note I get was I should provide more information or a whitepaper,
> that current behavior is more a bug than a feature...and support/request
> of the community is required.
>
> Therefore my next (last) try is to inform the IPv6 community about this
> issue. Please read details below and perhaps vote for
>
> ( ) bug, should be fixed in
> 	[ ] newer releases
> 	[ ] current release
> 	[ ] older releases, too
> ( ) feature, no need to fix it
> ( ) ...
>
> Feel free to add yourself to bugzilla entries shown below.
>

I would file this under "Bug, should be fixed in all releases".  This is a 
potential security issue.

If the name exists, but the requested RR doesn't, the server should return 
NO_ERROR (it does) which should be considered a successful answer and futher 
queries for RR type should stop.

-vlad