This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.



[rfc] getaddrinfo oddity


I have a bug report due to the following "feature" of getaddrinfo(),
which checks all possible ipv6 hosts before checking ipv4. This is the
output from my name server after a getaddrinfo call for
"samosa.debian.org". Note, I do not have any IPv6 addresses nor
nameservers.

XX+/192.168.0.1/samosa.debian.org/AAAA/IN
XX+/192.168.0.1/samosa.debian.org.internal.net/AAAA/IN
XX+/192.168.0.1/samosa.debian.org.debian.org/AAAA/IN
XX+/192.168.0.1/samosa.debian.org/A/IN
XX+/192.168.0.1/samosa.debian.org/A/IN

The odd part is the second and third line. It is the submitter's opinion
(and I tend to agree) that it should try in something of this order:

XX+/192.168.0.1/samosa.debian.org/AAAA/IN
XX+/192.168.0.1/samosa.debian.org/A/IN

Where it would have stopped, but if not then tried each domain if these
failed (using the same ipv6/ipv4 alternating sequence). The argument
being that there could be DNS hijacking by someone with domain "foo.net"
adding entries for "host.someotherdomain.com.foo.net" as an IPv6
response.

This may sound all too unlikely, but I can see where it can be done.
The more common IPv6 gets, the more likely it can be a problem.

Ben

-- 
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'
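
The ordering concern in the message above, as an added example that is not part of the original post and not glibc's code: a simplified Python model of the logged lookup order beside the proposed one, run against constructed zone data. The function names, the search list (inferred from the logged queries) and the records are assumptions.

```python
# Simplified model of the two lookup orders discussed in the message.
SEARCH = ["internal.net", "debian.org"]  # inferred from the logged queries

# Constructed zone data (documentation address ranges), not real records.
ZONE = {
    ("samosa.debian.org", "A"): "192.0.2.10",
    ("samosa.debian.org.internal.net", "AAAA"): "2001:db8::bad",
}

def candidates(name, search):
    """Name as given first, then each search-suffixed form (as in the log)."""
    return [name] + [f"{name}.{suffix}" for suffix in search]

def observed_order(name, zone, search=SEARCH):
    """Each family walks the whole candidate list on its own, AAAA first."""
    queries, answers = [], []
    for rtype in ("AAAA", "A"):
        for qname in candidates(name, search):
            queries.append((qname, rtype))
            if (qname, rtype) in zone:
                answers.append((qname, rtype, zone[(qname, rtype)]))
                break
    return queries, answers

def proposed_order(name, zone, search=SEARCH):
    """Both families are asked for one candidate before moving to the next."""
    queries, answers = [], []
    for qname in candidates(name, search):
        for rtype in ("AAAA", "A"):
            queries.append((qname, rtype))
            if (qname, rtype) in zone:
                answers.append((qname, rtype, zone[(qname, rtype)]))
        if answers:
            break
    return queries, answers

def foreign_answers(name, answers):
    """Answers whose owner name is not the name the caller asked for."""
    return [a for a in answers if a[0] != name]

if __name__ == "__main__":
    for fn in (observed_order, proposed_order):
        q, a = fn("samosa.debian.org", ZONE)
        print(fn.__name__, len(q), "queries; foreign:",
              foreign_answers("samosa.debian.org", a))
```

The model issues each query once, so it does not reproduce the duplicated A query in the log.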
