config-option "Store final dot in domains" does not effect SOA-checks for powerdns
When adding a dnszone (DNS-Plugin) the disabled config-option "Store final dot in domains" does not prevent the code from checking the SOA-Fields "Primary DNS server" and "Mail address" for a final dot.
The error message is:
---snip---
"Primary DNS server" must contain a fully qualified domain name in lowercase and end with a final dot. Example: dns1.example.com.
---snip---
Activity
- Reporter
I thought the content of the SOA field was a common standard, are you sure this won’t cause problems? Is there a source of documentation for this?
(from redmine: written on 2016-07-13)
- Reporter
Ok, https://doc.powerdns.com/md/authoritative/backend-ldap/ says «Warning: Host names and the MNAME of a SOA records are NEVER terminated with a '.' in PowerDNS storage! If a trailing '.' is present it will inevitably cause problems, problems that may be hard to debug.»
So, should we enforce not having the . at the end when the option is unchecked or should we allow both? For which tool was this option originally designed?
(from redmine: written on 2016-07-13)
Hah, you found that doc before I could answer...
I suggest cloning the already existing no-final-dot configuration setting and making it a "no final dot in SOA-Record". I already found the code line within the dns-plugin. It is a regex which should be easy to put in an if-else statement.
So you are more flexible regarding possible other DNS-frontends.
(from redmine: written on 2016-07-13)
- Reporter
I don’t want to add an option. Either we say when this option is unchecked SOA MUST not have a final dot, or we say that when it’s unchecked SOA MAY not have a final dot, depending on whether all tools which need this work alike or not.
(from redmine: written on 2016-07-13)
- bmortier added technical discussion label
- bmortier removed ~346 label
- bmortier changed the description
- bmortier removed milestone
- Reporter
So after double-checking, powerdns does not want final dots anywhere, so there are at least several places where FD gets it wrong even with the final dot option unchecked:
- SOA MNAME field
- SOA email field
- NS record
- PTR records
So I think we should change so that when the option is unchecked, a final dot is forbidden in all places. Unless there is a third case where a final dot is needed in some places and not others? (As far as I know bind needs it everywhere so it should work with the option checked.)
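
The rule proposed in this comment, together with the later request to test the checked case, sketched as an added example (not code from the thread or from the FusionDirectory DNS plugin, which is PHP). The field names, the label pattern and the sample values are assumptions constructed for illustration.

```python
import re

# Assumption: a name is lowercase letter/digit/hyphen labels, at least two labels.
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
FQDN_BODY = re.compile(LABEL + r"(?:\." + LABEL + r")+")  # name without final dot

# Hypothetical keys for the four places listed in the comment above.
NAME_FIELDS = ("soa_mname", "soa_mail", "ns", "ptr")


def check_name(value, final_dot):
    """Return None if value fits the final-dot setting, else an error string."""
    has_dot = value.endswith(".")
    body = value[:-1] if has_dot else value
    if len(body) > 253 or not FQDN_BODY.fullmatch(body):
        return "not a lowercase fully qualified domain name"
    if final_dot and not has_dot:
        return "must end with a final dot"
    if not final_dot and has_dot:
        return "must not end with a final dot"
    return None


def check_zone(records, final_dot):
    """Apply the same setting to every name-bearing field; return errors by field."""
    errors = {}
    for field in NAME_FIELDS:
        for value in records.get(field, []):
            err = check_name(value, final_dot)
            if err:
                errors.setdefault(field, []).append(value + ": " + err)
    return errors


# Constructed sample zone that deliberately mixes both styles.
SAMPLE_ZONE = {
    "soa_mname": ["dns1.example.com."],
    "soa_mail": ["hostmaster.example.com"],
    "ns": ["dns2.example.com."],
    "ptr": ["host1.example.com"],
}

if __name__ == "__main__":
    for setting in (False, True):
        print("final dot option =", setting, check_zone(SAMPLE_ZONE, setting))
```

With the option unchecked, the sample's `soa_mname` and `ns` values are rejected; with it checked, `soa_mail` and `ptr` are rejected instead.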
- Côme Chilliet added 1h of time spent at 2018-01-31
- Côme Chilliet mentioned in commit 0a1ac14d
- Reporter
Test should include checking that when option is checked the final dot is there, even in PTR record.
- Côme Chilliet added 45m of time spent at 2018-01-31
- Côme Chilliet added To Be Tested label
- bmortier removed technical discussion label
- Jonathan Swaelens added PJ1802-0188 label
- Developer
Tested on demo-dev, each time I tried to add a final dot I had an error message when the configuration option was unticked.
- Jonathan Swaelens closed
- Jonathan Swaelens added 30m of time spent at 2018-03-08
- Jonathan Swaelens removed To Be Tested label
- Jonathan Swaelens changed title from config-option "Store final dot in domains" does not effect SOA-checks to config-option "Store final dot in domains" does not effect SOA-checks for powerdns
- Jonathan Swaelens added Added label