Bug #10116 Reverse DNS starting with number and a period does not work
Submitted: 23 Apr 2005 19:51 Modified: 14 Jun 2013 0:27
Reporter: John W Email Updates:
Status: Won't fix Impact on me:
None 
Category:MySQL Server Severity:S4 (Feature request)
Version:4.0.24 OS:Linux (Linux)
Assigned to: CPU Architecture:Any

[23 Apr 2005 19:51] John W 
Description:
An IP with a reverse DNS starting with a number and a period such as:

1.domain.tld
2000.domain.tld

does not appear to resolve properly within MySQL when a host connects to the MySQL server from an IP resolving to it, even when both the reverse DNS and forward DNS match. As a result, MySQL tries to authenticate the user based on his bare IP address, which may not match the "Host" field of the grant table.

I'm testing this with version 4.0.24 client and server on separate machines using a variety of different reverse DNS entries. Entries starting with something different such as 1-something.domain.tld work correctly.

How to repeat:
Connect to a MySQL server using a reverse DNS entry starting with a number and a period.

Suggested fix:
This may relate to the failure of some sort of validation step being performed on the hostname.
[24 Apr 2005 18:06] Jorge del Conde 
root-/usr/local# mysql -uroot -h2000.mysql.com -P3306
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 4.0.25

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>
[24 Apr 2005 18:28] John W 
Take a closer look, you got it backwards.

If the client has a reverse DNS starting with a period, that causes the problem. It doesn't matter what the reverse DNS of the server is.

Let's say your client is at IP 1.1.1.1, which reverses to 1.mydomain.com. The server is at 2.2.2.2.

If you connect to the server from the client, 

> mysql -uroot -h2.2.2.2 -P3306

It will error out with something like

ERROR 1045: Access denied for user: 'root@1.1.1.1' (Using password: NO)

Which is not what it should say. It should say:

ERROR 1045: Access denied for user: 'root@1.mydomain.com' (Using password: NO)

That is because it can't handle 1.mydomain.com as a reverse DNS, and it reverts to using the IP.
[20 May 2005 16:35] Mikael Fridh 
I think PTR records which does not start with a letter are invalid.
Also, if the MySQL server allowed a PTR which starts with a number someone could easily abuse that.
It's been discussed many times before:

Imagine the following reverse record: 1.2.1.4.domain.com.
It would match a 'user'@'1.2.%' GRANT.
[14 Jun 2013 0:27] Matthew Lord 
Thank you for your feature request, and your help in making MySQL an even better product!