Bug#626472: libc6: gethostbyname fails if label ends with dash
Package: libc6
Version: 2.11.2-10
Severity: normal
Compare:
$ host foo-.tumblr.com
foo-.tumblr.com is an alias for proxy-tumblelogs.d1.tumblr.com.
proxy-tumblelogs.d1.tumblr.com has address 174.121.98.168
$
and
$ getent hosts foo-.tumblr.com
$ echo $?
2
$
By contrast:
$ getent hosts foo.tumblr.com
174.121.98.168 proxy-tumblelogs.d1.tumblr.com foo.tumblr.com
tcpdump/wireshark shows that the DNS query for foo-.tumblr.com does go
out, and is answered with the CNAME and A (for
proxy-tumblelogs.d1.tumblr.com), but gethostbyname just returns
failure with errno set to EBADMSG. Here's a test program that shows
that:
#include <stdio.h>
#include <error.h>
#include <netdb.h>
#include <sys/socket.h>
#include <errno.h>
int main (int argc, char *argv[]) {
char *hostname = "foo-.tumblr.com";
struct hostent *r=gethostbyname2(hostname, AF_INET);
perror("ghbn2 returned error");
return 0;
}
As a consequence, any program that uses gethostbyname (and possibly
other glibc name resolution interfaces) cannot resolve any domain name
that contain a label that ends with a dash, or possibly this is
limited to the ones that resolve to a CNAME.
Labels that end with a dash ("-") in in a domain name are not 100%
RFC-conformant, but they are used in the wild, e.g. in
http://barefeetdreams-.tumblr.com/
I presume that the DNS stub resolver of "other OS" accepts to resolve
such a name, else the author of the above page would have noticed her
blog is not reachable.
On a Debian GNU/Linux machine, trying to load this URL won't work,
obviously, because of this bug. You can work around that and check for
yourself there is an active website behind that address by adding
174.121.98.168 barefeetdreams-.tumblr.com
to /etc/hosts
For interoperability purposes, I think it would be best to accept such
"technically invalid" domains.
-- System Information:
Debian Release: squeeze/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'stable'), (400, 'testing'), (300, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libc6 depends on:
ii libc-bin 2.11.2-10 Embedded GNU C Library: Binaries
ii libgcc1 1:4.4.5-8 GCC support library
libc6 recommends no packages.
Versions of packages libc6 suggests:
ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
ii glibc-doc 2.11.2-6+squeeze1 Embedded GNU C Library: Documentat
ii locales 2.11.2-6+squeeze1 Embedded GNU C Library: National L
-- debconf information:
* glibc/upgrade: true
* glibc/disable-screensaver:
glibc/restart-failed:
* glibc/restart-services: gdm openbsd-inetd exim4 cups cron
Reply to: