resolv: set edns max buffer size to 1232

Message ID: 20230406012136.10096-1-crrodriguez@opensuse.org
State: Changes Requested
Series: resolv: set edns max buffer size to 1232

Checks

Context                 Check    Description
dj/TryBot-apply_patch   success  Patch applied to master at the time it was sent
dj/TryBot-32bit         fail     Patch caused testsuite regressions

Commit Message

Cristian Rodríguez April 6, 2023, 1:21 a.m. UTC
In 2020, large-scale DNS operators and software vendors
agreed to set the maximum EDNS buffer size to 1232.

BIND9 (1), NSD (2), Unbound (3), dnsmasq etc. currently use this as
the default; the libc resolver should too.

1. https://downloads.isc.org/isc/bind9/9.16.8/doc/arm/html/notes.html#feature-changes
2. https://www.nlnetlabs.nl/news/2020/Oct/08/nsd-4.3.3-released/
3. https://www.nlnetlabs.nl/news/2020/Oct/08/unbound-1.12.0-released/

Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
---
 resolv/resolv-internal.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
  

Comments

Cristian Rodríguez April 11, 2023, 1:43 p.m. UTC | #1
Ping? This should not be a controversial thing to do. Most software out there
already does.


On Wed, Apr 5, 2023 at 9:21 PM Cristian Rodríguez <crrodriguez@opensuse.org>
wrote:

> Year 2020, Large scale DNS operators and software vendors
> agreed to set the maximum edns buffer size to 1232.
>
> BIND9(1), NSD(2), unbound (3), dnsmasq etc  currently use this as
> default, libc resolver should too.
>
> 1.
> https://downloads.isc.org/isc/bind9/9.16.8/doc/arm/html/notes.html#feature-changes
> 2. https://www.nlnetlabs.nl/news/2020/Oct/08/nsd-4.3.3-released/
> 3. https://www.nlnetlabs.nl/news/2020/Oct/08/unbound-1.12.0-released/
>
> Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
> ---
>  resolv/resolv-internal.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/resolv/resolv-internal.h b/resolv/resolv-internal.h
> index c55f3c0366..c79d5f2135 100644
> --- a/resolv/resolv-internal.h
> +++ b/resolv/resolv-internal.h
> @@ -67,7 +67,7 @@ enum
>         spoofing attacks because the randomness in a DNS packet is
>         concentrated in the first fragment (with the headers) and does
>         not protect subsequent fragments.  */
> -    RESOLV_EDNS_BUFFER_SIZE = 1200,
> +    RESOLV_EDNS_BUFFER_SIZE = 1232,
>    };
>
>  struct resolv_context;
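
Review bot: the comment ending just above RESOLV_EDNS_BUFFER_SIZE justifies the limit by the fragmentation spoofing risk, but nothing next to the constant records where 1232 comes from. Please extend that comment with the derivation (IPv6 minimum MTU of 1280 bytes, minus the 40-byte IPv6 header and the 8-byte UDP header), and adjust any part of the comment outside this hunk that still describes the old value of 1200. The rationale currently lives only in the commit message, which readers of the header will not see.
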
> --
> 2.40.0
>
  
Adhemerval Zanella Netto April 12, 2023, 12:40 p.m. UTC | #2
On 11/04/23 10:43, Cristian Rodríguez via Libc-alpha wrote:
> ping? should not be a controversial thing to do. Most software out there
> already does.
> 

LGTM, although I am not really sure about the implications of this change.
The links you provided do say it is a conservative change, though.

> 
> On Wed, Apr 5, 2023 at 9:21 PM Cristian Rodríguez <crrodriguez@opensuse.org>
> wrote:
> 
>> Year 2020, Large scale DNS operators and software vendors
>> agreed to set the maximum edns buffer size to 1232.
>>
>> BIND9(1), NSD(2), unbound (3), dnsmasq etc  currently use this as
>> default, libc resolver should too.
>>
>> 1.
>> https://downloads.isc.org/isc/bind9/9.16.8/doc/arm/html/notes.html#feature-changes
>> 2. https://www.nlnetlabs.nl/news/2020/Oct/08/nsd-4.3.3-released/
>> 3. https://www.nlnetlabs.nl/news/2020/Oct/08/unbound-1.12.0-released/
>>
>> Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
>> ---
>>  resolv/resolv-internal.h | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/resolv/resolv-internal.h b/resolv/resolv-internal.h
>> index c55f3c0366..c79d5f2135 100644
>> --- a/resolv/resolv-internal.h
>> +++ b/resolv/resolv-internal.h
>> @@ -67,7 +67,7 @@ enum
>>         spoofing attacks because the randomness in a DNS packet is
>>         concentrated in the first fragment (with the headers) and does
>>         not protect subsequent fragments.  */
>> -    RESOLV_EDNS_BUFFER_SIZE = 1200,
>> +    RESOLV_EDNS_BUFFER_SIZE = 1232,
>>    };
>>
>>  struct resolv_context;
>> --
>> 2.40.0
>>
  
Adhemerval Zanella Netto April 14, 2023, 11:38 a.m. UTC | #3
On 12/04/23 09:40, Adhemerval Zanella Netto wrote:
> 
> 
> On 11/04/23 10:43, Cristian Rodríguez via Libc-alpha wrote:
>> ping? should not be a controversial thing to do. Most software out there
>> already does.
>>
> 
> LGTM, although I am not really sure about the implications of this change.
> The links you provided does say it is a conservative change thou.

In fact, it has triggered a regression [1].

[1] https://www.delorie.com/trybots/32bit/18723/
  
Cristian Rodríguez April 14, 2023, 4:06 p.m. UTC | #4
On Fri, Apr 14, 2023 at 7:45 AM Adhemerval Zanella Netto <
adhemerval.zanella@linaro.org> wrote:

>
>
> On 12/04/23 09:40, Adhemerval Zanella Netto wrote:
> >
> >
> > On 11/04/23 10:43, Cristian Rodríguez via Libc-alpha wrote:
> >> ping? should not be a controversial thing to do. Most software out there
> >> already does.
> >>
> >
> > LGTM, although I am not really sure about the implications of this change.
> > The links you provided does say it is a conservative change thou.
>
> In fact, it has triggered a regressions [1].
>
> [1] https://www.delorie.com/trybots/32bit/18723/


Huh. The tests do not expect this. I'll check that, sorry.
  

Patch

diff --git a/resolv/resolv-internal.h b/resolv/resolv-internal.h
index c55f3c0366..c79d5f2135 100644
--- a/resolv/resolv-internal.h
+++ b/resolv/resolv-internal.h
@@ -67,7 +67,7 @@  enum
        spoofing attacks because the randomness in a DNS packet is
        concentrated in the first fragment (with the headers) and does
        not protect subsequent fragments.  */
-    RESOLV_EDNS_BUFFER_SIZE = 1200,
+    RESOLV_EDNS_BUFFER_SIZE = 1232,
   };
 
 struct resolv_context;
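
Review bot: the one-line change to RESOLV_EDNS_BUFFER_SIZE is the only file touched, yet the dj/TryBot-32bit check reports testsuite regressions and the thread confirms the tests do not expect the new value. The resolv tests that check the advertised EDNS buffer size need to be updated in this same patch, so the tree stays bisectable. Where a test can see the internal header, comparing against RESOLV_EDNS_BUFFER_SIZE instead of a literal number would keep the next change to this constant from breaking the suite again.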