[rbldnsd] AAAA Queries?
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Fri Jul 28 21:46:55 MSD 2006
On Fri, Jul 28, 2006 at 09:25:35PM +0400, Michael Tokarev wrote:
> > True for getaddrinfo(), but RBL lookups are not usually made from the
> > C-library getaddrinfo() routine. Rather, RBL-aware software makes
> > explicit DNS "T_A" lookups. If somebody writes broken RBL lookup
> > software that uses getaddrinfo() they need to be sent off for
> > "re-education"...
>
> Well. This stuff isn't this simple.
> It's trivial to write
>
> if (getaddrinfo(sprintf(..., ipaddr, dnsbl))) {
> ...
> }

Yes, but it is wrong...

> but it's *far* more complex to write a DNS client, even
> this simple one (I know because I did ;)

Yes, but this is the only correct way to do it...

> So "re-education" isn't quite a right word here.

I strongly disagree, because seemingly correct simple code is worse
than no code.

> More, that getaddrinfo() version works, works right away (yes,
> it's still not complete, because we don't have TXT records).

Incomplete code does not "work"... And of course does not get
one the TXT records.

> Ditto for perl code for the same task.

Actually, Net::DNS is quite usable.

> gethostbyname() is
> here in standard install, but DNS-related things are huge
> slow monsters with difficult-to-use interface.

DNS is not "slow", it is always faster than getaddrinfo() making via
the nsswitch unnecessary local lookups in /etc/hosts and perhaps NIS
(shudder), first checking the "search ..." domains, and finally calling
DNS anyway. Yes, code that is a DNS client requires some skill; not every
programming problem is for newbies....

RBL clients MUST NOT use getaddrinfo().

--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
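
An added example, not part of the original message or of rbldnsd: the explicit "T_A" lookup argued for above, as Python functions that build the wire-format query and classify the reply, keeping resolver failures separate from "not listed". The zone `dnsbl.example`, the function names and the three result labels are assumptions made for illustration.

```python
import ipaddress
import struct

T_A, C_IN = 1, 1  # DNS record type A, class IN

def dnsbl_qname(ip, zone):
    """1.2.3.4 + zone -> '4.3.2.1.zone.' (fully qualified, so no search list applies)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".") + "."

def build_query(qname, qid):
    """Wire-format query carrying exactly one question: qname, type A, class IN."""
    labels = b"".join(bytes([len(l)]) + l.encode("ascii")
                      for l in qname.rstrip(".").split("."))
    return (struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0)   # RD set, QDCOUNT=1
            + labels + b"\x00" + struct.pack("!2H", T_A, C_IN))

def _skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)           # pointer is 2 bytes, root is 1

def parse_reply(msg, qid):
    """Return ('listed', addrs), ('not_listed', []) or ('error', [])."""
    try:
        rid, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
        if rid != qid or not flags & 0x8000 or flags & 0x0200:
            return ("error", [])        # wrong id, not a reply, or truncated
        rcode = flags & 0x000F
        if rcode == 3:
            return ("not_listed", [])   # NXDOMAIN
        if rcode != 0:
            return ("error", [])        # SERVFAIL etc. must not read as "not listed"
        off, addrs = 12, []
        for _ in range(qd):
            off = _skip_name(msg, off) + 4          # name + QTYPE + QCLASS
        for _ in range(an):
            off = _skip_name(msg, off)
            rtype, rclass, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
            off += 10
            if (rtype, rclass, rdlen) == (T_A, C_IN, 4):
                addrs.append(str(ipaddress.IPv4Address(msg[off:off + 4])))
            off += rdlen
    except (IndexError, struct.error, ValueError):
        return ("error", [])            # malformed or cut-off message
    return ("listed", addrs) if addrs else ("not_listed", [])
```

The query bytes go to the configured resolver over UDP port 53; a reply classified as `error` calls for a retry or a deferral, not a verdict.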