Report information

The Basics
Id: 45612
Status: resolved
Priority: Medium/Medium
Queue:

People

BugTracker
Version Fixed: 9.9.12, 9.10.7, 9.11.3, 9.12.0
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: 9.12.0
Priority: P2 Normal
Severity: S3 Low
CVSS Score: (no value)
CVE ID: (no value)
Component: BIND Server
Area: feature

Dates
Created: Tue, 25 Jul 2017 09:03:15 -0400
Updated: Fri, 06 Oct 2017 08:01:58 -0400
Closed: Fri, 06 Oct 2017 07:07:27 -0400




Date: Tue, 25 Jul 2017 13:03:15 +0000
To: bind9-confidential@isc.org
From: michal@isc.org
Subject: Implement draft-durand-doa-over-dns
Add BIND support for DOA over DNS, as defined by: https://www.ietf.org/id/draft-durand-doa-over-dns-01.txt
Support for DOA RRs along with relevant system test extensions is in the rt45612 branch, please review. Unit tests will be added after #45610 gets merged, to avoid further code duplication in lib/dns/tests/rdata_test.c (unless #45610 takes too much time to review, in which case I will add unit tests for DOA RRs to rdata_test.c in its current form).
While #45610 was positively reviewed by Evan, Ray suggested (via Jabber) another improvement for lib/dns/tests/rdata_test.c which I think is sound, but will require a bit more work in #45610 (and thus some more reviewing). As preparing DOA RR unit tests has higher priority, I decided to push them to the rt45612 branch so that they can be reviewed, resorting to copy-and-paste (which is basically how tests have been added to lib/dns/tests/rdata_test.c for a while now). When it is decided that DOA RR support is good to be merged into master, I will rebase it against refactored lib/dns/tests/rdata_test.c, which should already be merged by then.
As I understand it, this was in review so an experimental version could be supplied to Alain, but we're not planning to merge any time soon because the code point hasn't been issued. I'm marking the ticket stalled to take it off the review queue; if that was the wrong call, please go ahead and change it back. (BTW, why is this in bind9-confidential?)
The code point has been issued so I'm bringing this back to the review queue now. I've changed the branch to use the new code point instead of the experimental value. Was there any other pending work for this? Has Alain said anything about the testing he's done? It'd be nice to get it merged for alpha if the code point was the only thing we were waiting for.
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
Date: Fri, 01 Sep 2017 11:49:34 +1000
To: bind9-public@isc.org
From: "Mark Andrews" <marka@isc.org>
Is an empty media blob allowed and if so how is it represented in presentation format? If not then fromwire is wrong as it doesn't fail if there isn't a media blob.

Mark

In message <rt-4.4.1-30483-1504156813-51.45612-4-0@isc.org>, "Evan Hunt via RT" writes:
> The code point has been issued so I'm bringing this back to the review
> queue now.
>
> I've changed the branch to use the new code point instead of the experimental
> value.
>
> Was there any other pending work for this? Has Alain said anything about the
> testing he's done? It'd be nice to get it merged for alpha if the code point
> was the only thing we were waiting for.
>
> --
> Ticket History: https://bugs.isc.org/Ticket/Display.html?id=45612
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
Date: Fri, 1 Sep 2017 09:24:25 +0100
To: bind9-public@isc.org
From: "Ray Bellis" <ray@isc.org>
On 01/09/2017 02:49, Mark Andrews via RT wrote:
>
> Is an empty media blob allowed

It's not explicitly prohibited in the draft at the moment

> and if so how is it represented in presentation format?

On my CLI base64 decoder the string "=" is accepted as a legal representation of an empty string.

If that's not acceptable, would ( ) work ?
On Fri Sep 01 10:25:52 2017, ray wrote:
> On 01/09/2017 02:49, Mark Andrews via RT wrote:
> >
> > Is an empty media blob allowed
>
> It's not explicitly prohibited in the draft at the moment
>
> > and if so how is it represented in presentation format?
>
> On my CLI base64 decoder the string "=" is accepted as a legal
> representation of an empty string.

The base64 program which is part of GNU coreutils treats "=" as invalid input. And I believe it is the right thing to do as section 10 ("Test Vectors") of RFC 4648 contains:

BASE64("") = ""
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
From: "Mark Andrews" <marka@isc.org>
Date: Fri, 01 Sep 2017 18:45:35 +1000
To: bind9-public@isc.org
In message <rt-4.4.1-42312-1504254352-1098.45612-4-0@isc.org>, "Ray Bellis via RT" writes:
> On 01/09/2017 02:49, Mark Andrews via RT wrote:
> >
> > Is an empty media blob allowed
>
> It's not explicitly prohibited in the draft at the moment

The question is "should it be".

> > and if so how is it represented in presentation format?
>
> On my CLI base64 decoder the string "=" is accepted as a legal
> representation of an empty string.

We could make it so if it was documented as such. Unfortunately RFC 4648 (Note the reference in the draft is out of date) says the encoding for no bits is nothing.

BASE64("") = ""

That is not '""'.

> If that's not acceptable, would ( ) work ?

No.

> --
> Ticket History: https://bugs.isc.org/Ticket/Display.html?id=45612
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Date: Fri, 1 Sep 2017 09:46:40 +0100
To: bind9-public@isc.org
From: "Ray Bellis" <ray@isc.org>
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
On 01/09/2017 09:45, Mark Andrews via RT wrote:
> The question is "should it be".

I'll refer that back to Alain.
As hinted before [1], I merged current master into rt45612 to re-add unit tests due to lib/dns/tests/rdata_test.c refactoring.

[1] https://bugs.isc.org/Ticket/Display.html?id=45612#txn-485181
Temporarily stalling until 9.12 beta.
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
To: bind9-public@isc.org
From: "Ray Bellis" <ray@isc.org>
Date: Mon, 18 Sep 2017 17:42:37 +0100
Alain and I have determined that the DOA draft will permit an empty DOA-DATA field.

That just leaves the question of a presentation format for it. Are we OK with just using '-' (no quotes) ?

I imagine this will slightly complicate the parser because it'll have to cope with either a single dash or base64.
From: "Mark Andrews" <marka@isc.org>
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
Date: Tue, 19 Sep 2017 12:10:19 +1000
To: bind9-public@isc.org
In message <rt-4.4.1-4791-1505752964-1360.45612-4-0@isc.org>, "Ray Bellis via RT" writes:
> Alain and I have determined that the DOA draft will permit an empty
> DOA-DATA field.
>
> That just leaves the question of a presentation format for it. Are we
> OK with just using '-' (no quotes) ?
>
> I imagine this will slightly complicate the parser because it'll have to
> cope with either a single dash or base64.

Get the next token, check if it is "-" and if so exit else push the token back and call the base64 parser.

> --
> Ticket History: https://bugs.isc.org/Ticket/Display.html?id=45612
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Pushed some more bikeshedding that should be a blast to review. Working on making lib/dns/tests/rdata_test.c check totext_*() functions as well.
Date: Tue, 26 Sep 2017 15:30:32 +0100
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
To: bind9-public@isc.org
From: "Ray Bellis" <ray@isc.org>
On 26/09/2017 14:46, Michał Kępień via RT wrote:
> Pushed some more bikeshedding that should be a blast to review. Working
> on making lib/dns/tests/rdata_test.c check totext_*() functions as well.

I don't see any unit tests that allow for spaces to appear within the DOA-DATA base64, and I'm not familiar enough with our tokenizer to know whether the new call to isc_lex_getmastertoken() handles that for us.
Mukund fixed whitespace handling in DOA-DATA last week and I just pushed some further cleanups and improvements for DOA unit tests and coding style. Furthermore, totext_*() functions are now unit tested for all RR types. Ready for review.
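The presentation-format rules settled in this thread, as an added example that is not taken from the ticket, the rt45612 branch or BIND: a lone "-" is an empty DOA-DATA field, a bare "=" is rejected because RFC 4648 encodes nothing as nothing, and base64 split across whitespace-separated tokens decodes as one value. The function name doa_data_fromtext, the token array standing in for the lexer, and the rule that nothing may follow "-" are assumptions.

```c
#include <stddef.h>
#include <string.h>

/* Value of one RFC 4648 base64 alphabet character, or -1 if not in it. */
static int b64val(char c) {
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    const char *p = (c != '\0') ? strchr(tbl, c) : NULL;
    return p ? (int)(p - tbl) : -1;
}

/*
 * Hypothetical helper: parse DOA-DATA from the remaining whitespace-separated
 * tokens of a record. A lone "-" is the empty field; anything else is joined
 * and decoded as base64. Returns the decoded length, or -1 on error.
 */
long doa_data_fromtext(const char *const *tok, size_t ntok,
                       unsigned char *out, size_t outlen) {
    unsigned int acc = 0;
    size_t n = 0, chars = 0, pad = 0;

    if (ntok == 0)
        return -1;                    /* the field must be present */
    if (strcmp(tok[0], "-") == 0)
        return (ntok == 1) ? 0 : -1;  /* assumption: "-" must stand alone */
    for (size_t i = 0; i < ntok; i++) {
        for (const char *p = tok[i]; *p != '\0'; p++, chars++) {
            int v = b64val(*p);
            if (*p == '=') {
                if (++pad > 2)
                    return -1;        /* at most two padding characters */
                v = 0;
            } else if (v < 0 || pad > 0) {
                return -1;            /* bad character, or data after padding */
            }
            acc = (acc << 6) | (unsigned int)v;
            if (chars % 4 == 3) {     /* full quantum: emit 3 - pad octets */
                for (size_t k = 0; k < 3 - pad; k++) {
                    if (n == outlen)
                        return -1;    /* output buffer too small */
                    out[n++] = (unsigned char)(acc >> (16 - 8 * k));
                }
                acc = 0;
            }
        }
    }
    /* Incomplete quanta (including a bare "=") and zero characters are errors. */
    return (chars % 4 == 0 && chars > 0) ? (long)n : -1;
}
```

Unit tests for a parser like this want the cases raised in the thread as explicit vectors: "-", "=", a single-token blob, the same blob split across tokens, and a truncated quantum.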
On Wed Oct 04 07:55:24 2017, michal wrote:
> Ready for review.

Looks fine to me.
Thanks for reviewing, Evan. I think this branch is good to go code-wise, but I will not merge it just yet because in the end it implements version -03 of draft-durand-doa-over-dns which seemingly has not yet been submitted to the IETF. I would also like to get a final sign-off on this from Ray, so I am reassigning the ticket to him.
To: bind9-public@isc.org
Subject: Re: [ISC-Bugs #45612] Implement draft-durand-doa-over-dns
From: "Ray Bellis" <ray@isc.org>
Date: Fri, 6 Oct 2017 10:31:52 +0100
On 06/10/2017 10:19, Michał Kępień via RT wrote:
> I would also like to get a final sign-off on this from Ray, so I am
> reassigning the ticket to him.

I just submitted the -03 draft, so please go ahead and merge.

Ray
4761. [protocol] Add support for DOA. [RT #45612] 9.9.12, 9.10.7, 9.11.3, 9.12.0