[SERVER-20762] Add support for unicode hostnames Created: 05/Oct/15  Updated: 01/Mar/23

Status: Backlog
Project: Core Server
Component/s: Networking
Affects Version/s: 3.1.8
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Spencer Jackson Assignee: Backlog - Service Architecture
Resolution: Unresolved Votes: 0
Labels: neweng
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Service Arch
Participants:

 Description   

SockAddr uses getaddrinfo to resolve hostnames. Unfortunately, on Windows, this needs to be GetAddrInfoW to resolve unicode hostnames. From Microsoft's documentation:

The Unicode version of this function is GetAddrInfoW. Developers are encouraged to use the GetAddrInfoW Unicode function rather than the getaddrinfo ANSI function.

Attempting resolution results in the following:

PS C:\Program Files\MongoDB\Server\3.1\bin> .\mongo.exe --sspiHostnameCanonicalization forwardAndReverse --host г.mongod
b-sec.com
MongoDB shell version: 3.1.9-pre-
connecting to: г.mongodb-sec.com:27017/test
2015-10-05T18:49:53.438+0000 I NETWORK  [thread1] getaddrinfo("г.mongodb-sec.com") failed: errno:11001 No such host is k
nown.
2015-10-05T18:49:53.439+0000 E QUERY    [thread1] Error: couldn't initialize connection to host г.mongodb-sec.com, addre
ss is invalid :
connect@src/mongo/shell/mongo.js:216:14
@(connect):1:6
 
exception: connect failed
PS C:\Program Files\MongoDB\Server\3.1\bin> ping г.mongodb-sec.com
 
Pinging г.mongodb-sec.com [172.31.33.50] with 32 bytes of data:
Request timed out.
 
Ping statistics for 172.31.33.50:

Linux appears to support unicode hostnames used in /etc/hosts, but not when speaking with an RFC compliant DNS server. If hostnames are manually converted to Punycode, they will work.

Windows appears to understand punycode during local name resolution, but the Windows DNS server does not seem to understand it when it is used in a request. According to this: https://technet.microsoft.com/en-us/library/cc779394%28v=ws.10%29.aspx the DNS server directly speaks UTF-8 by default.



 Comments   
Comment by Lauren Lewis (Inactive) [ 24/Feb/22 ]

We haven’t heard back from you for at least one calendar year, so this issue is being closed. If this is still an issue for you, please provide additional information and we will reopen the ticket.

Comment by Spencer Jackson [ 07/Oct/15 ]

I set up a local dnsmasq server on my Linux machine. './mongo -host Э' now fails, but './mongo --host xn-21a' works. That ASCII string is the punycode interpretation of 'Э'. So, unicode hostname are not directly supported under linux, but if their DNS servers are RFC compliant, can be manually made to work. Windows DNS servers, per https://technet.microsoft.com/en-us/library/cc779394%28v=ws.10%29.aspx, seem to default to using UTF-8 characters in hostnames. There seems to be some surprising behaviour here:

PS C:\Program Files\MongoDB\Server\3.1\bin> ping xn--c1a.mongodb-sec.com
Ping request could not find host xn--c1a.mongodb-sec.com. Please check the name and try again.
PS C:\Program Files\MongoDB\Server\3.1\bin> ping xn--c1a
 
Pinging г.mongodb-sec.com [172.31.7.30] with 32 bytes of data:
Reply from 172.31.7.30: bytes=32 time<1ms TTL=128
Reply from 172.31.7.30: bytes=32 time<1ms TTL=128
 
Ping statistics for 172.31.7.30:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C
PS C:\Program Files\MongoDB\Server\3.1\bin> ping г.mongodb-sec.com
 
Pinging г.mongodb-sec.com [172.31.7.30] with 32 bytes of data:
Reply from 172.31.7.30: bytes=32 time<1ms TTL=128
Reply from 172.31.7.30: bytes=32 time<1ms TTL=128
 
Ping statistics for 172.31.7.30:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C

So it looks like punycode does not work in DNS hostnames, but does work in local name resolution. I will amend the body of this ticket to include this information.

Comment by Spencer Jackson [ 07/Oct/15 ]

On my system, I modified my /etc/hosts to have a line which looks like:

127.0.0.1   localhost linux.site Э

I can then start a mongod and connect to it by:

% ./mongo --host Э                                                                                                                                                              :)
MongoDB shell version: 3.1.9-pre-
connecting to: Э:27017/test
...

Hmm. But retrying this under Windows, pointing г.mongodb-sec.com at the local address, yields this:

PS C:\Program Files\MongoDB\Server\3.1\bin> .\mongo.exe г.mongodb-sec.com
MongoDB shell version: 3.1.9-pre-
connecting to: г.mongodb-sec.com/test
2015-10-07T17:49:26.701+0000 I NETWORK  [thread1] getaddrinfo("г.mongodb-sec.com") failed: errno:11001 No such host is k
nown.
2015-10-07T17:49:26.702+0000 E QUERY    [thread1] Error: couldn't initialize connection to host г.mongodb-sec.com, addre
ss is invalid :
connect@src/mongo/shell/mongo.js:216:14
@(connect):1:6
 
exception: connect failed
PS C:\Program Files\MongoDB\Server\3.1\bin> .\mongo.exe г
MongoDB shell version: 3.1.9-pre-
connecting to: г
>
bye

Ping on the full hostname works correctly, so it appears that getaddrinfo might work on a unicode hostname which isn't a FQDN? I'll need to test this again on Linux with a hostname which is provided from a true DNS server, not /etc/hosts.

Comment by Mark Benvenuto [ 07/Oct/15 ]

Do we support IDN (Internationalized Domain Name) on Linux today? I am worried about this: https://en.wikipedia.org/wiki/IDN_homograph_attack.

Generated at Thu Feb 08 03:55:12 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.