Re: Name resolution and underscores? www.engadget.com
Hi, RVP writes: > On Mon, 19 Jan 2026, Paul Ripke wrote: > >> Do we check for underscores somewhere in name resolution? >> > > Yes. > >> I know that RFC 1035 disallows them from hostnames... >> > > That's it. > >> I had a quick browse of our code and nothing obvious stood out. >> > > I think: > > src/lib/libc/net/gethnamaddr.c: > > gethostbyname() > gethostbyname_r() -> gethostbyname_internal() -> > nsdispatch() -> _dns_gethtbyname() -> getanswer() -> > > name_ok = res_hnok / maybe_ok() > > This works--see resolv.conf(5): > > # echo 'options no-check-names' >> /etc/resolv.conf If you use dhcpcd(8), it regenerates /etc/resolv.conf at every invocations. # echo 'resolv_conf_options=no-check-names' >> /etc/resolvconf.conf will add 'options no-check-names' to /etc/resolv.conf automatically. Thank you. > -RVP -- Ryo ONODERA // [email protected] PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
Re: Name resolution and underscores? www.engadget.com
Date:Tue, 20 Jan 2026 14:27:53 +1100 From:Paul Ripke Message-ID: | One wonders, given the increasingly broken state of the internet, if | the default is sane? It never was sane. RFC1035 does not specify any particular name syntax, other than that the length of each label be < 64 bytes (and at least 1), and that the overall name length be <= 255 bytes. Section 3.1 says quite clearly: Although labels can contain any 8 bit values in octets that make up a label, it is strongly recommended that labels follow the preferred syntax described elsewhere in this memo [...] which puts it beyond doubt that anything is permitted, just recommends that a less "generous" naming convention actually be used. The only weirdness is that it also specifies that ascii letter values (and nothing else) must do comparisons such that with upper and lower case variants of the same character compare equal (ie 0x65 == 0x97, etc). If you need any more reinforcement of that, you can check RFC2181. The only place there needs to be any standard for host names (beyond what the DNS requires, which is just lengths) is where the name is transferred as part of protocol data. E-mail is the primary one of those, and the e-mail RFCs specify the names allowed (not RFC1035). HTTP probably also has some restrictions, but I have never cared enough about that as a protocol to bother reading its spec, so I don't know what is required there - except that I believe that actually transferring the host name isn't necessarily required (though things can fail to work as intended for some setups if it isn't done). But since the resolver has no idea what a name looked up is to be used for, it has no business imposing any syntax rules upon its content at all - strictly it should even allow '.' chars to be a part of a label (ie, not the normal '.' that separates labels) but I don't know of any that provide a mechanism to allow that (which doesn't mean none do). Even \0 chars should be allowed, though I suspect there are few implementations where those would work properly. kre ps: Nothing in any of this means that there is any reason that whoever is registering names in any domain (from the root all the way down) is not permitted to limit the names (by syntax or content) in any way they please. That is, if you own (or control) a domain name, what subdomains of that get created is entirely up to you.
Re: Name resolution and underscores? www.engadget.com
On Tue, 20 Jan 2026, Paul Ripke wrote: One wonders, given the increasingly broken state of the internet, if the default is sane? I see freebsd doesn't have this option, [...] https://github.com/freebsd/freebsd-src/commit/5435230b4debdff793c682db1888730d91fd31de https://github.com/freebsd/freebsd-src/commit/a28076c8f76b16ef736b368b701722066f80a434 https://github.com/freebsd/freebsd-src/commit/0df21fef2d28724905c95e8ec7b12d7956e0ce24 Maybe NetBSD should allow a hyphen too? File a PR :) -RVP
Re: Name resolution and underscores? www.engadget.com
On Mon, Jan 19, 2026 at 12:53:53PM +, RVP wrote: > On Mon, 19 Jan 2026, Paul Ripke wrote: > > > Do we check for underscores somewhere in name resolution? > > Yes. > > > I know that RFC 1035 disallows them from hostnames... > > That's it. > > > I had a quick browse of our code and nothing obvious stood out. > > I think: > > src/lib/libc/net/gethnamaddr.c: > > gethostbyname() > gethostbyname_r() -> gethostbyname_internal() -> > nsdispatch() -> _dns_gethtbyname() -> getanswer() -> > > name_ok = res_hnok / maybe_ok() > > This works--see resolv.conf(5): > > # echo 'options no-check-names' >> /etc/resolv.conf Ah! Perfect! Checking resolv.conf(5) completely slipped my mind. One wonders, given the increasingly broken state of the internet, if the default is sane? I see freebsd doesn't have this option, and while linux has the option, it doesn't appear required in this case (although I didn't investigate why)? -- Paul Ripke "Great minds discuss ideas, average minds discuss events, small minds discuss people." -- Disputed: Often attributed to Eleanor Roosevelt. 1948.
Re: Name resolution and underscores? www.engadget.com
On Mon, 19 Jan 2026, Paul Ripke wrote: Do we check for underscores somewhere in name resolution? Yes. I know that RFC 1035 disallows them from hostnames... That's it. I had a quick browse of our code and nothing obvious stood out. I think: src/lib/libc/net/gethnamaddr.c: gethostbyname() > gethostbyname_r() -> gethostbyname_internal() -> nsdispatch() -> _dns_gethtbyname() -> getanswer() -> name_ok = res_hnok / maybe_ok() This works--see resolv.conf(5): # echo 'options no-check-names' >> /etc/resolv.conf -RVP
Name resolution and underscores? www.engadget.com
Do we check for underscores somewhere in name resolution? I know that RFC 1035 disallows them from hostnames... I had a quick browse of our code and nothing obvious stood out. Tested on netbsd-10 amd64, & current as of a few hours ago, amd64: ksh$ dig www.engadget.com ; <<>> DiG 9.18.24 <<>> www.engadget.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21276 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1220 ; COOKIE: 77f074b515e86de60100696dd54bb9e5020c3f647174 (good) ;; QUESTION SECTION: ;www.engadget.com. IN A ;; ANSWER SECTION: www.engadget.com. 41 IN CNAME engadget-ycpi-media_edge.g03.yahoodns.net. engadget-ycpi-media_edge.g03.yahoodns.net. 50 IN A 183.177.68.211 engadget-ycpi-media_edge.g03.yahoodns.net. 50 IN A 183.177.68.210 ;; Query time: 16 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP) ;; WHEN: Mon Jan 19 17:55:07 AEDT 2026 ;; MSG SIZE rcvd: 160 ksh$ ping www.engadget.com ping: Cannot resolve "www.engadget.com" (Unknown host) ksh$ dig www.engadget.com ; <<>> DiG 9.18.24 <<>> www.engadget.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6167 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1220 ; COOKIE: 65692c8e76429c950100696dd58a38d505be8f373aac (good) ;; QUESTION SECTION: ;www.engadget.com. IN ;; ANSWER SECTION: www.engadget.com. 154 IN CNAME engadget-ycpi-media_edge.g03.yahoodns.net. engadget-ycpi-media_edge.g03.yahoodns.net. 60 IN 2406:6e00:f048:1fa::3000 engadget-ycpi-media_edge.g03.yahoodns.net. 60 IN 2406:6e00:f048:1fa::2000 ;; Query time: 9 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP) ;; WHEN: Mon Jan 19 17:56:10 AEDT 2026 ;; MSG SIZE rcvd: 184 ksh$ ping6 www.engadget.com ping6: No address associated with hostname -- Paul Ripke "Great minds discuss ideas, average minds discuss events, small minds discuss people." -- Disputed: Often attributed to Eleanor Roosevelt. 1948.
