Ticket #512 (new enhancement)

Opened 11 months ago

Last modified 5 months ago

check-zone does not check NS RDATA NSDNAME

Reported by: peter Owned by: ahu
Priority: normal Milestone:
Component: auth Version: 3.2
Severity: normal Keywords:
Cc:

Description

If the content of an NS record is ' http://example.com/', check-zone does not complain. It should.

Change History

Changed 10 months ago by anon

[Ruben] I had a brief chat with Peter about this ticket on IRC. The interesting part is that DNS doesn't really care what you put as RDATA in your NS record. The result is that ' http://example.com' is handled correctly and dig even outputs this information nicely. Obviously this does not make it the right thing to do.

An extra check will/can be added to check-zone to see if the RDATA is a valid dns label. The same check should be added to MX, SRV and CNAME. Following this, some extra checks on the nameserver and hostmaster part of the SOA record can also be added.

Changed 5 months ago by peter

  • version changed from 3.1 to 3.2
Note: See TracTickets for help on using tickets.