Opened 9 years ago

Last modified 8 years ago

#6475 defect new

— at twistd dns returns NXDomain for valid records when multiple zone names share a common suffix or parent domainInitial Version

Reported by: Richard Wall Owned by:
Priority: normal Milestone:
Component: names Keywords:
Cc: Branch:
Author:

Description

twistd dns loads pyzones and bindzones in the order they are provided on the command line.

If you load these three zones (each containing a www IN A record) in this order:

  1. example-domain.com
  2. long-example-domain.com
  3. subdomain.example-domain.com

And query for www.long-example-domain.com you get NXDomain.

If you instead load long-example-domain.com first, the query will succeed.

The same problem occurs for subdomains.

Part of the problem is that t.n.authority.FileAuthority._lookup does the following check in source:trunk/twisted/names/authority.py#L132

132                 if name.lower().endswith(self.soa[0].lower()):

Instead it should test for a common tail in a sequence of domain name labels.

Additionally, in the current ResolverChain system - where all zones are queried in sequence, until a result is found - I think subdomain zones need to be queried before their parent zones.

This applies to the whole sequence of BindAuthority, PySourceAuthority and SecondaryAuthorityService that get loaded in t.n.tap.py. and passed t.n.server.DNSServerFactory.

Change History (0)

Note: See TracTickets for help on using tickets.