Bug #10844: DHCPv6 service Dynamic DNS revisions made to fix Bug #10346 violates RFC/is too restrictive - pfSense (original) (raw)
closed
DHCPv6 service Dynamic DNS revisions made to fix Bug #10346 violates RFC/is too restrictive
Affected Version:
2.4.5-p1
Affected Architecture:
All
Description
The GUI syntax checking changes made in the submitted revisions regarding the "DDNS Domain Key Name" is actually not necessary and violates RFC2845 section 2.3 (The name of the key used in domain name syntax).
After the last revision the GUI doesn't allow neither dots nor underscores (the dots seems to be disallowed by mistake). However the ISC DHCP daemon supports both (though, domain name keys starting with underscores requires some quoting):
The ISC DHCPd in pfSense starts perfectly fine with this config:
key tsig-123456.dynv6.com {
algorithm hmac-sha512;
secret somethingsecret;
}
zone lan.skrog.dk. {
primary6 2001:db8::;
key tsig-123456.dynv6.com;
}
And if the domain name key starts with an underscore it needs to be qouted this this:
key "_123456._tsig.dynv6.com" {
algorithm hmac-sha512;
secret somethingsecret;
}
zone lan.skrog.dk. {
primary6 2001:db8::;
key "_123456._tsig.dynv6.com";
}
I'd suggest just quoting the user input regardless, to avoid ISC crashing if underscores are used.
I appologize in advance if I'm supposed to handle bugs regarding a previous bugfix differently, but as the other one is marked as closed, I figured I had to open a new request.
/Kewin
Status changed from New to Pull Request Review
Target version set to 2.5.0
Status changed from Pull Request Review to Feedback
Assignee set to Renato Botelho
% Done changed from 0 to 100
PR has been merged. Thanks!
Tested on :
2.5.0-DEVELOPMENT (amd64) built on Thu Sep 17 13:55:47 EDT 2020 FreeBSD 12.2-PRERELEASE
It allows entering "." and "_" in the DNS Domain key field.
Ticket resolved.
Status changed from Feedback to Resolved
Category changed from DHCP (IPv4) to DHCP (IPv6)
Loading...