Software / code / prosody
Changeset
12129:7a68d5828f3b
net.resolvers: Report DNSSEC validation errors instead of NoError
Thanks Martin bringing this case to attention
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 28 Dec 2021 14:58:09 +0100 |
| parents | 12128:593e823566e1 |
| children | 12130:c4ca226ff386 |
| files | net/resolvers/basic.lua net/resolvers/service.lua |
| diffstat | 2 files changed, 13 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/net/resolvers/basic.lua Sun Dec 26 16:51:04 2021 +0100 +++ b/net/resolvers/basic.lua Tue Dec 28 14:58:09 2021 +0100 @@ -58,7 +58,9 @@ for _, record in ipairs(answer) do table.insert(targets, { self.conn_type.."4", record.a, self.port, self.extra }); end - if answer.status then + if answer.bogus then + self.last_error = "Validation error in A lookup"; + elseif answer.status then self.last_error = answer.status .. " in A lookup"; end else @@ -77,7 +79,9 @@ for _, record in ipairs(answer) do table.insert(targets, { self.conn_type.."6", record.aaaa, self.port, self.extra }); end - if answer.status then + if answer.bogus then + self.last_error = "Validation error in AAAA lookup"; + elseif answer.status then self.last_error = answer.status .. " in AAAA lookup"; end else @@ -96,7 +100,9 @@ for _, record in ipairs(answer) do table.insert(tlsa, record.tlsa); end - if answer.status then + if answer.bogus then + self.last_error = "Validation error in TLSA lookup"; + elseif answer.status then self.last_error = answer.status .. " in TLSA lookup"; end else
--- a/net/resolvers/service.lua Sun Dec 26 16:51:04 2021 +0100 +++ b/net/resolvers/service.lua Tue Dec 28 14:58:09 2021 +0100 @@ -55,6 +55,10 @@ if answer then if self.extra and not answer.secure then self.extra.use_dane = false; + elseif answer.bogus then + self.last_error = "Validation error in SRV lookup"; + ready(); + return; end if #answer == 0 then
