Skip Menu |
Report information
The Basics
Id: 37442
Status: resolved
Priority: 50/50
Queue: bind9-public
People
Owner: Mark Andrews <marka@isc.org>
Requestors: daniel.stirnimann <daniel.stirnimann@switch.ch>
Cc:
AdminCc:
Bug Information
Version Fixed: 9.11.0
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: 9.11.0
Priority: (no value)
Severity: S2 Normal
CVSS Score: (no value)
CVE ID: (no value)
Component: (no value)
Area: bug
Dates
Created:Fri, 10 Oct 2014 08:43:12 -0400
Updated:Fri, 04 Aug 2017 13:44:48 -0400
Closed:Tue, 18 Aug 2015 20:35:47 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History Show full headers
# Fri, 10 Oct 2014 08:43:12 -0400 daniel.stirnimann <daniel.stirnimann@switch.ch> - Ticket created [Reply] [Comment]
Subject: zone_name case-sensitivity preferred for dns response
Date: Fri, 10 Oct 2014 14:43:03 +0200
To: bind9-bugs@isc.org
From: Daniel Stirnimann <daniel.stirnimann@switch.ch>
Download (untitled) / with headers
text/plain 2.2KiB
Hello We found out that case-sensitivity from the zone_name in a zone statement is preferred over what is defined in the zone itself. Example zone_name with upper-case ORG.: zone "example.ORG." { type master; masterfile-format text; file "example.org/zone.publish"; }; Whereas the zone example.org. only contains lower case letters: cat zone.publish (example.org) example.org. 86400 IN SOA scsnms.switch.ch. dns-operation.switch.ch. 2014101000 28800 7200 604800 1800 example.org. 86400 IN NS ns2.switch.ch. example.org. 86400 IN NS scsnms.switch.ch. The authoritative name server (running BIND 9.9.5) response now contains "example.ORG." in the authority response. dig @bamus.switch.ch example.org ; <<>> DiG 9.8.3-P1 <<>> @bamus.switch.ch example.org ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43089 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;example.org. IN A ;; AUTHORITY SECTION: example.ORG. 1800 IN SOA scsnms.switch.ch. dns-operation.switch.ch. 2014101000 28800 7200 604800 1800 ;; Query time: 9 msec ;; SERVER: 2001:620::8:5054:ff:fef6:d929#53(2001:620::8:5054:ff:fef6:d929) ;; WHEN: Fri Oct 10 14:27:51 2014 ;; MSG SIZE rcvd: 106 I think this is a bug. I guess, this response is due to the change in case-sensitive response compression, https://kb.isc.org/article/AA-01113 introduced in BIND 9.9.5. However, in my opinion, BIND should not preserve its case from the zone_name clause but only from the zone itself. We ran into this problem for the TLD .ch as one of the secondary name servers had the zone_name clause in upper case. While this is perfectly legal and no harm is caused by this, some misbehaving client devices noticed this which is why we found out about it. Of course, we have sent bug reports to the misbehaving client devices. On the other hand, we also think that the behavior of BIND in preferring the case of the zone_name clause above the name defined in the zone is wrong. Thank you, Daniel -- SWITCH Daniel Stirnimann, SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 15, direct +41 44 268 16 24 daniel.stirnimann@switch.ch, http://www.switch.ch
# Fri, 10 Oct 2014 08:54:06 -0400 Mark Andrews <marka@isc.org> - Correspondence added [Reply] [Comment]
Subject: Re: [ISC-Bugs #37442] zone_name case-sensitivity preferred for dns response
Date: Fri, 10 Oct 2014 23:53:57 +1100
To: bind9-bugs@isc.org
From: Mark Andrews <marka@isc.org>
Download (untitled) / with headers
text/plain 451B
Fixing this requires redesigning the database to record the case of the the owner names for each record rather than using the tree name which has to exist before the zone is read or transfered in. Once this is done the case presevation will be complete. We haven't yet decided when this work will be done. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
# Fri, 10 Oct 2014 08:54:06 -0400 The RT System itself - Status changed from 'new' to 'open'
# Fri, 10 Oct 2014 09:10:35 -0400 daniel.stirnimann <daniel.stirnimann@switch.ch> - Correspondence added [Reply] [Comment]
Subject: Re: [ISC-Bugs #37442] zone_name case-sensitivity preferred for dns response
Date: Fri, 10 Oct 2014 15:10:29 +0200
To: bind9-bugs@isc.org
From: Daniel Stirnimann <daniel.stirnimann@switch.ch>
Download (untitled) / with headers
text/plain 737B
Thank you Mark I don't think this is a serious bug but just wanted to report it anyway. I'm perfectly happy if this gets resolved in the long term. Regards, Daniel SWITCH Daniel Stirnimann, SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 15, direct +41 44 268 16 24 daniel.stirnimann@switch.ch, http://www.switch.ch On 10.10.14 14:54, Mark Andrews via RT wrote: > > Fixing this requires redesigning the database to record the case > of the the owner names for each record rather than using the tree > name which has to exist before the zone is read or transfered in. > > Once this is done the case presevation will be complete. We haven't > yet decided when this work will be done. > > Mark >
# Tue, 23 Dec 2014 21:09:34 -0500 Mark Andrews <marka@isc.org> - Taken
# Tue, 30 Dec 2014 11:53:39 -0500 Chuck Aurora <chucka@isc.org> - Severity S2 Normal added
# Tue, 30 Dec 2014 11:53:39 -0500 Chuck Aurora <chucka@isc.org> - Reference by https://support.isc.org/Ticket/Display.html?id=7812 added
# Fri, 02 Jan 2015 07:11:06 -0500 Cathy Almond <cathya@isc.org> - Reference to https://support.isc.org/Ticket/Display.html?id=7812 added
# Tue, 13 Jan 2015 09:43:28 -0500 Cathy Almond <cathya@isc.org> - Reference by #38302: added
# Sun, 18 Jan 2015 23:47:04 -0500 Mark Andrews <marka@isc.org> - Queue changed from #6 to #7
# Sun, 18 Jan 2015 23:47:04 -0500 Mark Andrews <marka@isc.org> - Untaken
# Sat, 21 Feb 2015 12:15:21 -0500 Evan Hunt <Evan_Hunt@isc.org> - Taken
# Thu, 26 Feb 2015 01:46:07 -0500 Evan Hunt <Evan_Hunt@isc.org> - Given to Mark Andrews <marka@isc.org>
# Thu, 26 Feb 2015 23:10:24 -0500 Mark Andrews <marka@isc.org> - Version Fixed 9.11.0 added
# Thu, 26 Feb 2015 23:10:24 -0500 Mark Andrews <marka@isc.org> - Queue changed from #7 to #30
# Thu, 26 Feb 2015 23:10:24 -0500 Mark Andrews <marka@isc.org> - Untaken
# Fri, 27 Feb 2015 00:54:35 -0500 Mukund Sivaraman <muks@isc.org> - Queue changed from #30 to #6
# Fri, 27 Feb 2015 00:54:35 -0500 Mukund Sivaraman <muks@isc.org> - Given to Mark Andrews <marka@isc.org>
# Mon, 02 Mar 2015 00:16:09 -0500 Mark Andrews <marka@isc.org> - Member #38759: added
# Sat, 18 Apr 2015 09:13:51 -0400 Chuck Aurora <chucka@isc.org> - Reference to #21488: added
# Wed, 13 May 2015 13:30:15 -0400 Vicky Risk <vicky@isc.org> - Versions Planned 9.11.0 added
# Tue, 18 Aug 2015 20:35:47 -0400 Mark Andrews <marka@isc.org> - Status changed from 'open' to 'resolved'
# Tue, 02 Aug 2016 18:11:01 -0400 Vicky Risk <vicky@isc.org> - Area bug added
# Fri, 04 Aug 2017 13:44:48 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #6 to bind9-public