rfc:checkdnsrr-default-type

Request for Comments: Change checkdnsrr() $type argument behavior

Abstract

This RFC proposes that the default behavior of the checkdnsrr() function be changed such that it no longer checks only for MX records by default.

Background

The checkdnsrr() function is used to check if a given hostname exists. It's essentially PHP's basic DNS lookup function. It returns TRUE if the hostname is found, FALSE otherwise. It accepts 2 arguments, the $host as a string and the record $type as a string. The possible values for $type are: “A”, “MX”, “NS”, “SOA”, “PTR”, “CNAME”, “AAAA”, “A6”, “SRV”, “NAPTR”, “TXT”, and “ANY”. If “ANY”, it'll return TRUE regardless of the record type it finds.

Current Behavior

The $type argument is currently optional and defaults to “MX”.

The Problem

The current behavior is very counter-intuitive because the function is most commonly used for general DNS lookups. In most circumstances, these lookups are not for MX records. As a result, developers who implement this function without noticing the “MX” default in the documentation will have their DNS lookups fail even if the hostname is there. This can lead to a lot of time being wasted triaging what appears to be a DNS issue.

What makes this even more perplexing is the fact that there is already a function dedicated specifically for performing MX record lookups: getmxrr().

There does not appear to be any compelling use case for the default value for PHP's general DNS lookup function being “MX”.

Solution #1

Change the default value of $type from “MX” to “ANY”. This would be implemented in PHP 7.0.

Pros

This would be the most convenient and intuitive option for developers, as they'd only have to supply the hostname and it would return a general DNS lookup, which is what most people would expect.

Cons

Though the potential for BC breakage would be the same, this would make it much harder to spot since no error would be generated. Instead, it would just silently fail for anyone expecting the default to be “MX”. Concerns have also been raised on Internals that this could be a potential vector for amplification attacks.

Solution #2

Make the $type argument required. Starting in PHP 5.7, not including the second argument would cause an E_DEPRECATED to be thrown. Starting in PHP 7.0, it would throw an E_ERROR, causing script execution to abort.

Pros

For the relatively few instances in which a script is passing only one argument with the expectation that it be checking for “MX”, this will make it much easier for devs to spot this BC and adapt their code accordingly. It may also be less susceptible to amplification attacks.

Cons

The intuitive behavior for virtually any DNS lookup function/utility/etc is for it to accept a hostname and return whether there are any matches. Requiring people to specify a second “ANY” argument would be somewhat cumbersome and may raise complaints from devs who question why the behavior that the overwhelming number of users are looking for is not the default.

Final Thoughts

This one appears to be pretty much a no-brainer. I believe the much trickier question is whether to change the default or make the argument required. I'm honestly on the fence as far as that goes, so I would encourage everyone with an opinion on this to weigh-in and make their case on Internals.

Vote

Though this could be reasonably interpreted as language-touching and otherwise, I'll err on the side of caution and require the greater 2/3 majority in order for this RFC to pass. A separate vote will be held simultaneously to determine which solution will be implemented if the RFC passes. Whichever one gets the most votes will win.

Changelog

Version 1.00 : Initial proposal.

rfc/checkdnsrr-default-type.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1