Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 24 Jun 2022 19:14:10 +0200
From: Markus Geiger <markus.geiger@...lsen.com>
To: musl@...ts.openwall.com
Subject: Re: [BUG] Non-FQDN domain resolving failure on musl-1.2.x

Sorry: not Amazon DNS – 10.204.109.209 is a BIND server in our network
we've setup to work with our global VPN/DNS.

BUT the strange thing is that the domain lookup works with musl-1.1.24
while with some musl-1.2.x just quits with an error.

a comparison with the docker runs and `sudo tcpdump -v -i docker0 udp port
53 or tcp port 53` did not bring up any diffs except the list of A records
returned is in a different order (which i think is completely normal). the
order of requests is the same

tcpdump from working version:
>   bind-us-east-1a.XXXXXXXXXXXXXX.domain > 172.17.0.3.45501: 18685 9/13/8
slack.com. A 3.95.117.96, slack.com. A 34.231.24.224, slack.com. A
54.163.235.119, slack.com. A 54.147.59.169, slack.com. A 34.193.255.5,
slack.com. A 34.204.109.226, slack.com. A 34.225.62.185, slack.com. A
34.203.97.10, slack.com. A 54.92.199.186 (510)

tcpdump from non-working version:
>   bind-us-east-1a.XXXXXXXXXXXXXX.domain > 172.17.0.3.59951: 49211 9/13/8
slack.com. A 34.225.62.185, slack.com. A 54.163.235.119, slack.com. A
34.231.24.224, slack.com. A 54.147.59.169, slack.com. A 34.193.255.5,
slack.com. A 34.204.109.226, slack.com. A 54.92.199.186, slack.com. A
3.95.117.96, slack.com. A 34.203.97.10 (510)

Complete log:

    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49211+ A? slack.com. (27)
18:56:19.990087 IP (tos 0x0, ttl 64, id 10210, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:20.154990 IP (tos 0x0, ttl 250, id 17825, offset 0, flags [none],
proto UDP (17), length 538)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49211 9/13/8 slack.com. A 34.225.62.185, slack.com. A 54.163.235.119,
slack.com. A 34.231.24.224, slack.com. A 54.147.59.169, slack.com. A
34.193.255.5, slack.com. A 34.204.109.226, slack.com. A 54.92.199.186,
slack.com. A 3.95.117.96, slack.com. A 34.203.97.10 (510)
18:56:20.241377 IP (tos 0x0, ttl 250, id 17846, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:20.241501 IP (tos 0x0, ttl 64, id 10233, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:20.401765 IP (tos 0x0, ttl 250, id 17879, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:20.401831 IP (tos 0x0, ttl 64, id 10247, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:20.563915 IP (tos 0x0, ttl 250, id 17906, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:20.563946 IP (tos 0x0, ttl 64, id 10300, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:20.801072 IP (tos 0x0, ttl 250, id 17915, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:20.801187 IP (tos 0x0, ttl 64, id 10392, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:20.961903 IP (tos 0x0, ttl 250, id 17948, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:22.492127 IP (tos 0x0, ttl 64, id 10410, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:22.745884 IP (tos 0x0, ttl 250, id 18135, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:22.745930 IP (tos 0x0, ttl 64, id 10492, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:22.906904 IP (tos 0x0, ttl 250, id 18171, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:22.906941 IP (tos 0x0, ttl 64, id 10548, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:23.067742 IP (tos 0x0, ttl 250, id 18209, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:23.067773 IP (tos 0x0, ttl 64, id 10559, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:23.228046 IP (tos 0x0, ttl 250, id 18244, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:23.228083 IP (tos 0x0, ttl 64, id 10598, offset 0, flags [DF], proto
UDP (17), length 55)
    172.17.0.3.59951 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
49334+ AAAA? slack.com. (27)
18:56:23.388598 IP (tos 0x0, ttl 250, id 18274, offset 0, flags [none],
proto UDP (17), length 55)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.59951:
49334 ServFail 0/0/0 (27)
18:56:24.998168 IP (tos 0x0, ttl 64, id 10759, offset 0, flags [none],
proto UDP (17), length 55)
    172.17.0.3.55720 > bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain:
2282+ ANY? slack.com. (27)
18:56:25.199844 IP (tos 0x0, ttl 250, id 18505, offset 0, flags [none],
proto UDP (17), length 538)
    bind-us-east-1a.XXXXXXXXXXXXXXXXXXXXXXXXXx.domain > 172.17.0.3.55720:
2282 9/13/8 slack.com. A 34.231.24.224, slack.com. A 34.193.255.5, slack.com.
A 54.163.235.119, slack.com. A 54.92.199.186, slack.com. A 54.147.59.169,
slack.com. A 3.95.117.96, slack.com. A 34.225.62.185, slack.com. A
34.204.109.226, slack.com. A 34.203.97.10 (510)

Thanks for looking into!

Greetings,
Markus

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.