Description of problem:
When using a URI resource record, bind adds an additional length byte to the value field.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Add a URI type record to the zonefile
2. Query the record
result: 10 1 "Xvalue" where X is the ascii representation of the length byte.
Result: 10 1 "value"
I've heard this happens because https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=f1b4e7c31a70f6842bc96f55851cc4e70d7cbe3d is not in RHEL.
It seems it is more than just cosmetic change. Bind 9.9 uses different format for URI record. More recent resolvers will see one character before, that is not part of URI. However if Bind 9.9 should cache URI record in more recent format, it will always refuse it as invalid, returning always SERVFAIL. That is regression from RHEL6, because older BIND will pass it to clients, even if it does not understand it.
I made a new bug for it https://bugzilla.redhat.com/show_bug.cgi?id=1404412
Changes supported format of URI record. Recent Bind servers (9.10+) take URI length from record length, do not use first byte as length. That changed since 9.9.6b1, changing URI support from https://www.ietf.org/archive/id/draft-faltstrom-uri-06.txt to https://www.ietf.org/archive/id/draft-faltstrom-uri-08.txt, later assigned as https://datatracker.ietf.org/doc/rfc7553/
It might be possible to support both variants (former 06 and later 08 draft) on the receiving side. But it seems it will not be possible universally for any URI, only for records where I can say for sure it does not use later format. It will always send records to clients in the later format.
This bug was fixed along with CAA addition on bug #1306610. Even if that was more a mistake, it applied exactly what would fix the former and this bug. The fix is complete.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.