Bug #10844
closed
DHCPv6 service Dynamic DNS revisions made to fix Bug #10346 violates RFC/is too restrictive
100%
Description
The GUI syntax checking changes made in the submitted revisions regarding the "DDNS Domain Key Name" is actually not necessary and violates RFC2845 section 2.3 (The name of the key used in domain name syntax).
After the last revision the GUI doesn't allow neither dots nor underscores (the dots seems to be disallowed by mistake). However the ISC DHCP daemon supports both (though, domain name keys starting with underscores requires some quoting):
The ISC DHCPd in pfSense starts perfectly fine with this config:
key tsig-123456.dynv6.com {
algorithm hmac-sha512;
secret somethingsecret;
}
zone lan.skrog.dk. {
primary6 2001:db8::;
key tsig-123456.dynv6.com;
}
And if the domain name key starts with an underscore it needs to be qouted this this:
key "_123456._tsig.dynv6.com" {
algorithm hmac-sha512;
secret somethingsecret;
}
zone lan.skrog.dk. {
primary6 2001:db8::;
key "_123456._tsig.dynv6.com";
}
I'd suggest just quoting the user input regardless, to avoid ISC crashing if underscores are used.
I appologize in advance if I'm supposed to handle bugs regarding a previous bugfix differently, but as the other one is marked as closed, I figured I had to open a new request.
/Kewin
Updated by Viktor Gurov 
Updated by 
Updated by 
Updated by