can I provide invalid HTTPS values for testing?
Mark Andrews
marka at isc.org
Thu Jun 20 07:04:12 UTC 2024
> On 20 Jun 2024, at 15:29, Michael Richardson <mcr at sandelman.ca> wrote:
>
>
> Mark Andrews <marka at isc.org> wrote:
>> Named and nsupdate validate input for types they know about (both text
>> and wire). You would have to use versions that are not HTTPS aware and
>> use unknown type format.
>
> So, he could code it in Perl or Python or something which had a dynamic DNS
> library. Bind itself wouldn't validate the "ascii-hex" part when it receives
> it.
Named will reject HTTPS records that it can determine are invalid. This includes
in UPDATE requests. The server will return FORMERR to the dynamic update client.
See lib/dns/rdata/in_1/svcb_64.c for all the checks performed.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240620/265f9c09/attachment-0001.htm>
More information about the bind-users
mailing list