View Issue Details

IDProjectCategoryView StatusLast Update
0006001GNUnetGNSpublic2020-01-08 09:52
ReporterChristian GrothoffAssigned ToChristian Grothoff 
PrioritynormalSeveritycrashReproducibilityhave not tried
Status closedResolutionno change required 
Platformi7OSDebian GNU/LinuxOS Versionsqueeze
Product VersionGit master 
Target Version0.12.2Fixed in Version0.12.1 
Summary0006001: GNS recursion may go forever under very particular circumstances
DescriptionGNS (as per LSD0001) may delegate to the *system resolver* (GNUNET_RESOLVER_get_ip()) when encountering a CNAME. The system resolver may in turn call on GNS *if* the respective TLD is configured to be in GNS (for the user running gnunet-service-gns). In this case, the recursion limit is not obeyed.
Steps To ReproduceSetup GNS with NSS integration. Create CNAME record in GNS to point to itself (i.e. value in zone bar under label rec). Ensure 'rec' is recognized by NSS.
TagsNo tags attached.


Christian Grothoff

2020-01-08 09:52

manager   ~0015247

Actually not, because libgnunetresolver does never trigger NSS in the current implementation, as it does its own asynchronous recursive DNS resolution. Hence it violates a 'SHOULD' clause in lsd0001, which at the same time makes it easy to satisfy the bounded recursion property.

Issue History

Date Modified Username Field Change
2019-12-20 10:34 Christian Grothoff New Issue
2019-12-20 10:34 Christian Grothoff Assigned To => Christian Grothoff
2019-12-20 10:34 Christian Grothoff Status new => assigned
2019-12-25 12:26 Christian Grothoff Target Version 0.12.1 => 0.12.2
2020-01-08 09:52 Christian Grothoff Status assigned => closed
2020-01-08 09:52 Christian Grothoff Resolution open => no change required
2020-01-08 09:52 Christian Grothoff Fixed in Version => 0.12.1
2020-01-08 09:52 Christian Grothoff Note Added: 0015247