On Thursday 25 October 2012, Daniel-Constantin Mierla wrote: > On 10/25/12 4:33 PM, Alex Hermann wrote: > > On Thursday 25 October 2012, Juha Heinanen wrote: > >> an ipv6 address can thus never be a valid domain name. an ipv4 address, > >> on the other hand, is syntactically valid domain name and perhaps > >> someone has populated their local name server with such names. > > > > But the application (kamailio) should not attempt a DNS lookup if the > > hostname > > > is an IP(v4/v6) address, from RFC1123, section 2.1: > It does not if it is ipv4 and the target would be an A record, as well > as when it is ipv6 and the target would be an AAAA record. > > The thing here relates to disabling ipv6, resulting in only possible > target A record, for which ipv6 does not match an ipv4 format, resulting > in using the ipv6 for querying an A record. > > So some extra validation has to be added when one address family is > disabled by config, but such addresses can actually occur. > > Perhaps what Juha suggested with detecting an invalid hostname is the > best, avoiding querying for broken dns tokens.
Agreed, but simply detecting ip addresses may also be sufficient. Maybe do str2ip _and_ str2ip6 always, independent of the listening sockets. Even if the proxy doesn't use ipv6, doing an A lookup on a literal IPv6 or IPv6 refrence should be avoided. (Currently str2ip6 is skipped if the proxy doesn't listen on an IPv6 address) -- Met vriendelijke groet, Alex Hermann SpeakUp BV T: 088-SPEAKUP (088-7732587) F: 088-7732588 _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users