Bug #11563
BIND GUI writes TXT records > 255 characters
Description
System: Netgate SG-3100, 2.4.5_1 (I checked the git log for pfSense-pkg-bind and didn't see a more recent fix.)
The BIND GUI will write TXT records > 255 characters, causing an invalid zone and loss of DNS service.
To be valid BIND 9 syntax the long TXT record needs to be broken up into:
( "LESS THAN 255"
"LESS THAN 255"
"REMAINDER STILL LESS THAN 255" )
This occurs easily (always?) with DKIM keys.
For ease-of-use, the GUI should probably re-combine the record for easy editing in the GUI upon load and make the BIND syntax transparent to the user.
Updated by Andreas Pross over 1 year ago
It seems a bit outdated but I am currently working on a fix for that.
It just needs some testing.
https://github.com/pfsense/FreeBSD-ports/pull/1256
Updated by Azamat Khakimyanov 5 months ago
- Status changed from New to Confirmed
I tested it on 24.03-RELEASE (Bind 9.17) and on 24.08-DEVELOPMENT (Bind 9.18)
When I added some text with more than 256 symbols as a TXT record, Bind failed to load my zone with this error in the log:
Jun 11 07:19:24 named 48899 dns_rdata_fromtext: /etc/namedb/master/MyView/testdomain.lanlocal.DB:25: syntax error
Jun 11 07:19:24 named 48899 zone testdomain.lanlocal/IN/MyView (unsigned): loading from master file /etc/namedb/master/MyView/testdomain.lanlocal.DB failed: syntax error
Jun 11 07:19:24 named 48899 zone testdomain.lanlocal/IN/MyView (unsigned): not loaded due to errors.
With text which had exactly 256 symbols, everything worked correctly.
When I divided this text into several pieces, no more than 256 symbols each, like "first part of text""second part""third part" etc, Bind loaded my zone with such a TXT record without any errors.
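The splitting and recombining described in the report and in the last comment, as an added Python example that is not the pfSense-pkg-bind code or the fix in the linked pull request. It assumes the 255-octet limit for a single character-string from RFC 1035; the function names and the DKIM-like sample value are constructed for illustration.

```python
import re

MAX_CHARSTR = 255  # RFC 1035 <character-string>: one length octet, so at most 255 bytes

def _escape(chunk: bytes) -> str:
    """Render raw bytes as the inside of a quoted zone-file string."""
    out = []
    for b in chunk:
        if b in (0x22, 0x5C):          # '"' and '\' need a leading backslash
            out.append("\\" + chr(b))
        elif 0x20 <= b < 0x7F:         # printable ASCII is written as-is
            out.append(chr(b))
        else:                          # anything else as a decimal \DDD escape
            out.append("\\%03d" % b)
    return "".join(out)

def split_txt(value: bytes, limit: int = MAX_CHARSTR) -> list[bytes]:
    """Cut the raw value into chunks of at most `limit` bytes, counted before escaping."""
    return [value[i:i + limit] for i in range(0, len(value), limit)] or [b""]

def to_zone_rdata(value: bytes) -> str:
    """Format a TXT value as BIND 9 rdata, parenthesised when it needs several strings."""
    quoted = ['"%s"' % _escape(c) for c in split_txt(value)]
    if len(quoted) == 1:
        return quoted[0]
    return "( " + "\n\t".join(quoted) + " )"

_QUOTED = re.compile(rb'"((?:[^"\\]|\\.)*)"', re.S)   # one quoted string, escapes allowed
_ESCAPE = re.compile(rb'\\(\d{3}|.)', re.S)           # \DDD or \X

def from_zone_rdata(rdata: str) -> bytes:
    """Recombine the quoted strings into the single value an edit form would show."""
    def unescape(m):
        e = m.group(1)
        return bytes([int(e)]) if len(e) == 3 else e
    return b"".join(_ESCAPE.sub(unescape, s) for s in _QUOTED.findall(rdata.encode()))

if __name__ == "__main__":
    # Constructed sample: a DKIM-shaped value with a placeholder key of 400 bytes.
    sample = b"v=DKIM1; k=rsa; p=" + b"A" * 400
    rdata = to_zone_rdata(sample)
    print("selector._domainkey IN TXT", rdata)
    print("round trip ok:", from_zone_rdata(rdata) == sample)
```

The limit is applied to the raw bytes, so a value containing quotes or backslashes is split before escaping and each written string stays within 255 octets once BIND decodes it.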