mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

net.resolvers: Report DNSSEC validation errors instead of NoError

Browse source 
Thanks Martin bringing this case to attention
This commit is contained in:
Kim Alvefur 2021-12-28 14:58:09 +01:00
parent 4261dc1d80
commit e469d015af
2 changed files with 13 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

12
net/resolvers/basic.lua
View file

@ -58,7 +58,9 @@ function methods:next(cb)
for _, record in ipairs(answer) do
table.insert(targets, { self.conn_type.."4", record.a, self.port, self.extra });
end
if answer.status then
if answer.bogus then
self.last_error = "Validation error in A lookup";
elseif answer.status then
self.last_error = answer.status .. " in A lookup";
end
else
@ -77,7 +79,9 @@ function methods:next(cb)
for _, record in ipairs(answer) do
table.insert(targets, { self.conn_type.."6", record.aaaa, self.port, self.extra });
end
if answer.status then
if answer.bogus then
self.last_error = "Validation error in AAAA lookup";
elseif answer.status then
self.last_error = answer.status .. " in AAAA lookup";
end
else
@ -96,7 +100,9 @@ function methods:next(cb)
for _, record in ipairs(answer) do
table.insert(tlsa, record.tlsa);
end
if answer.status then
if answer.bogus then
self.last_error = "Validation error in TLSA lookup";
elseif answer.status then
self.last_error = answer.status .. " in TLSA lookup";
end
else

4
net/resolvers/service.lua
View file

@ -55,6 +55,10 @@ function methods:next(cb)
if answer then
if self.extra and not answer.secure then
self.extra.use_dane = false;
elseif answer.bogus then
self.last_error = "Validation error in SRV lookup";
ready();
return;
end
if #answer == 0 then