Project

General

Profile

Actions

Bug #10844

closed

DHCPv6 service Dynamic DNS revisions made to fix Bug #10346 violates RFC/is too restrictive

Added by Kewin Christensen over 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Category:
DHCP (IPv6)
Target version:
Start date:
08/20/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.5-p1
Affected Architecture:
All

Description

The GUI syntax checking changes made in the submitted revisions regarding the "DDNS Domain Key Name" is actually not necessary and violates RFC2845 section 2.3 (The name of the key used in domain name syntax).

After the last revision the GUI doesn't allow neither dots nor underscores (the dots seems to be disallowed by mistake). However the ISC DHCP daemon supports both (though, domain name keys starting with underscores requires some quoting):

The ISC DHCPd in pfSense starts perfectly fine with this config:

key tsig-123456.dynv6.com {
        algorithm hmac-sha512;
        secret somethingsecret;
}
zone lan.skrog.dk. {
        primary6 2001:db8::;
        key tsig-123456.dynv6.com;
}

And if the domain name key starts with an underscore it needs to be qouted this this:

key "_123456._tsig.dynv6.com" {
        algorithm hmac-sha512;
        secret somethingsecret;
}
zone lan.skrog.dk. {
        primary6 2001:db8::;
        key "_123456._tsig.dynv6.com";
}

I'd suggest just quoting the user input regardless, to avoid ISC crashing if underscores are used.

I appologize in advance if I'm supposed to handle bugs regarding a previous bugfix differently, but as the other one is marked as closed, I figured I had to open a new request.

/Kewin

Actions

Also available in: Atom PDF