(no subject)
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
(no subject)
by Christian Möller-2
::
Rate this Message:
Hi,
I've testing dnsjava lib with DNSsec and it seems that the AD flag (authenticated data) within a response is not recognized correctly. Here is the header section of a response I've received asking nameserver a.ns.se for A records of google.se (for testing purposes): ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24516 ;; flags: qr ; qd: 1 an: 0 au: 6 ad: 1 ;; QUESTIONS: ;; google.se., type = A, class = IN [...] But asking response's org.xbill.DNS.Message header for Flag.AD fails: org.xbill.DNS.Message response = ... response.getHeader().getFlag(org.xbill.DNS.Flags.AD); // returns "false" Asking header for other flags (like Flags.QR in this example) succeeds, so what's going wrong here? Is it a bug or am I missing something? Greetings Christian -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ dnsjava-users mailing list dnsjava-users@... https://lists.sourceforge.net/lists/listinfo/dnsjava-users |
|
|
Re:
by Brian Wellington
::
Rate this Message:
On Sep 30, 2009, at 1:27 AM, "Christian Möller" <dcmoeller@...>
wrote: > Hi, > > I've testing dnsjava lib with DNSsec and it seems that the AD flag > (authenticated data) within a response is not recognized correctly. > > Here is the header section of a response I've received asking > nameserver a.ns.se for A records of google.se (for testing purposes): > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24516 > ;; flags: qr ; qd: 1 an: 0 au: 6 ad: 1 > ;; QUESTIONS: > ;; google.se., type = A, class = IN > [...] > > But asking response's org.xbill.DNS.Message header for Flag.AD fails: > > org.xbill.DNS.Message response = ... > response.getHeader().getFlag(org.xbill.DNS.Flags.AD); // returns > "false" Unless I'm missing something, this is because the AD bit isn't set. > Asking header for other flags (like Flags.QR in this example) > succeeds, so what's going wrong here? Is it a bug or am I missing > something? The QR flag is set. There are no other flags set, so asking for any other one will return false. Is it possible that you're misreading the dig ouptut? The "ad" in there refers to the count of records in the additional section, not a flag. > Brian ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ dnsjava-users mailing list dnsjava-users@... https://lists.sourceforge.net/lists/listinfo/dnsjava-users |
|
|
Re: Flags.AD missing on DNSSEC response header
by Christian Möller-2
::
Rate this Message:
Hi Brian
> > I've testing dnsjava lib with DNSsec and it seems that the AD flag > > (authenticated data) within a response is not recognized correctly. > > > > Here is the header section of a response I've received asking > > nameserver a.ns.se for A records of google.se (for testing purposes): > > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24516 > > ;; flags: qr ; qd: 1 an: 0 au: 6 ad: 1 > > ;; QUESTIONS: > > ;; google.se., type = A, class = IN > > [...] > > > > But asking response's org.xbill.DNS.Message header for Flag.AD fails: > > > > org.xbill.DNS.Message response = ... > > response.getHeader().getFlag(org.xbill.DNS.Flags.AD); // returns > > "false" > > Unless I'm missing something, this is because the AD bit isn't set. > > > Asking header for other flags (like Flags.QR in this example) > > succeeds, so what's going wrong here? Is it a bug or am I missing > > something? > > The QR flag is set. There are no other flags set, so asking for any > other one will return false. > > Is it possible that you're misreading the dig ouptut? The "ad" in > there refers to the count of records in the additional section, not a > flag. Indeed, you're right! Sorry for any inconvenience and thanks for opening my eyes. But what the hell drives them to give different concepts the same abbreviation? Maybe checking attentiveness of the reader? ;-) Christian -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ dnsjava-users mailing list dnsjava-users@... https://lists.sourceforge.net/lists/listinfo/dnsjava-users |
|
|
Re: Flags.AD missing on DNSSEC response header
by Brian Wellington
::
Rate this Message:
On Sep 30, 2009, at 11:23 PM, Christian Möller wrote:
> Hi Brian > >>> I've testing dnsjava lib with DNSsec and it seems that the AD flag >>> (authenticated data) within a response is not recognized correctly. >>> >>> Here is the header section of a response I've received asking >>> nameserver a.ns.se for A records of google.se (for testing >>> purposes): >>> >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24516 >>> ;; flags: qr ; qd: 1 an: 0 au: 6 ad: 1 >>> ;; QUESTIONS: >>> ;; google.se., type = A, class = IN >>> [...] >>> >>> But asking response's org.xbill.DNS.Message header for Flag.AD >>> fails: >>> >>> org.xbill.DNS.Message response = ... >>> response.getHeader().getFlag(org.xbill.DNS.Flags.AD); // returns >>> "false" >> >> Unless I'm missing something, this is because the AD bit isn't set. >> >>> Asking header for other flags (like Flags.QR in this example) >>> succeeds, so what's going wrong here? Is it a bug or am I missing >>> something? >> >> The QR flag is set. There are no other flags set, so asking for any >> other one will return false. >> >> Is it possible that you're misreading the dig ouptut? The "ad" in >> there refers to the count of records in the additional section, not a >> flag. > > Indeed, you're right! Sorry for any inconvenience and thanks for > opening my eyes. > But what the hell drives them to give different concepts the same > abbreviation? Maybe checking attentiveness of the reader? ;-) No problem. As to why the abbreviations are the same - that's a good question. The flags are usually printed in capital letters, which helps a bit, but dig (the original dig, from which dnsjava's dig header format was copied) doesn't do that. Brian ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ dnsjava-users mailing list dnsjava-users@... https://lists.sourceforge.net/lists/listinfo/dnsjava-users |
| Free embeddable forum powered by Nabble | Forum Help |
