NetBSD Problem Report #49822

From tron@zhadum.org.uk  Tue Apr  7 11:57:00 2015
Return-Path: <tron@zhadum.org.uk>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 6720DA654B
	for <gnats-bugs@gnats.NetBSD.org>; Tue,  7 Apr 2015 11:57:00 +0000 (UTC)
Message-Id: <20150407115655.22598A3BA4E@mail.zhadum.org.uk>
Date: Tue,  7 Apr 2015 12:56:55 +0100 (BST)
From: tron@zhadum.org.uk
Reply-To: tron@zhadum.org.uk
To: gnats-bugs@NetBSD.org
Subject: "nsupdate" doesn't determine master server from SOA record
X-Send-Pr-Version: 3.95

>Number:         49822
>Category:       bin
>Synopsis:       "nsupdate" doesn't determine master server from SOA record
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Apr 07 12:00:00 +0000 2015
>Originator:     Matthias Scheler
>Release:        NetBSD 7.0_BETA 2015-03-13 sources
>Organization:
Matthias Scheler                                 https://zhadum.org.uk/
>Environment:
System: NetBSD colwyn.zhadum.org.uk 7.0_BETA NetBSD 7.0_BETA (GENERIC) #0: Fri Mar 13 19:51:26 GMT 2015 tron@colwyn.zhadum.org.uk:/objdir/tron/nb7/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
nsupdate(1) contains this paragraph:

       The resource records that are dynamically added or removed with
       nsupdate have to be in the same zone. Requests are sent to the zone’s
       master server. This is identified by the MNAME field of the zone’s SOA
       record.

The problem is however that this is not what NetBSD's nsupdate(1) does.
It seems instead to send update requests blindly to the (first) nameserver
listed in "/etc/resolv.conf":

tron@colwyn:~>/usr/bin/nsupdate -k /usr/local/lib/dns/Kzhadum.intern.+157+05153.key
> update add test.zhadum.intern 86400 A 1.2.3.4
>
update failed: REFUSED

Using the "nsupdate" binary from the 9.10.2 package in "pkgsrc" works
as expected:

tron@colwyn:~>/usr/pkg/bin/nsupdate -k /usr/local/lib/dns/Kzhadum.intern.+157+05153.key
> update add test.zhadum.intern 86400 A 1.2.3.4
>
> ^D%
tron@colwyn:~>host test.zhadum.intern
test.zhadum.intern has address 1.2.3.4

This is similar to the problem reported in PR bin/49138. Something seems to
go wrong with our build of the "nsupdate" binary and the resulting executable
is severely limited in its capabilities.

>How-To-Repeat:
Try to use "nsupdate" to update a DNS zone that is not hosted by the
(first) name server listed in "/etc/resolv.conf".

>Fix:
None provided
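
The behaviour the manual page describes can be reproduced by hand: look up the zone's SOA MNAME and name it in an explicit `server` line. This is an added example, not part of the original report or of NetBSD's code; the MNAME `ns-master.zhadum.intern` and the resolver address `192.0.2.53` are constructed sample values.

```shell
#!/bin/sh
# Added example: pin nsupdate to the zone's SOA MNAME instead of relying
# on whichever server /etc/resolv.conf lists first.

# Print the MNAME (first field) of a "dig +short SOA <zone>" answer read
# from stdin, without the trailing dot. Lines with fewer than 7 fields
# (for example a CNAME target) are skipped; fails if no SOA line is found.
soa_mname() {
    awk 'NF >= 7 { sub(/\.$/, "", $1); print $1; found = 1; exit }
         END { exit !found }'
}

# Print the first "nameserver" address from resolv.conf text on stdin.
first_resolver() {
    awk '$1 == "nameserver" { print $2; exit }'
}

# Emit an nsupdate batch that names the target server explicitly.
# Arguments: master zone name ttl type rdata
nsupdate_batch() {
    printf 'server %s\nzone %s\nupdate add %s %s %s %s\nsend\n' \
        "$1" "$2" "$3" "$4" "$5" "$6"
}

# Constructed sample data (MNAME and resolver address are assumptions,
# not values from the report).
SAMPLE_SOA='ns-master.zhadum.intern. hostmaster.zhadum.intern. 2015040701 3600 900 604800 86400'
SAMPLE_RESOLV='search zhadum.intern
nameserver 192.0.2.53'

master=$(printf '%s\n' "$SAMPLE_SOA" | soa_mname)
resolver=$(printf '%s\n' "$SAMPLE_RESOLV" | first_resolver)

# Show both candidates so a mismatch between them is visible.
echo "SOA MNAME: $master, first resolver: $resolver" >&2

# The batch that would be piped into "nsupdate -k <keyfile>".
nsupdate_batch "$master" zhadum.intern test.zhadum.intern 86400 A 1.2.3.4
```

On a live system the sample strings are replaced by `dig +short SOA zhadum.intern` and `/etc/resolv.conf`, and the batch is piped into `nsupdate -k` with the TSIG key file.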
