aboutsummaryrefslogtreecommitdiffstats
path: root/net/resolvers
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-12-28 14:58:09 +0100
committerKim Alvefur <zash@zash.se>2021-12-28 14:58:09 +0100
commite469d015af5df65342d5ed6072719e40a0f969df (patch)
tree1fbd319be2c5a4ce710966c9d63bedb52a4aec85 /net/resolvers
parent4261dc1d80e3813e50763e7643faa0dbcf6626f9 (diff)
downloadprosody-e469d015af5df65342d5ed6072719e40a0f969df.tar.gz
prosody-e469d015af5df65342d5ed6072719e40a0f969df.zip
net.resolvers: Report DNSSEC validation errors instead of NoError
Thanks Martin bringing this case to attention
Diffstat (limited to 'net/resolvers')
-rw-r--r--net/resolvers/basic.lua12
-rw-r--r--net/resolvers/service.lua4
2 files changed, 13 insertions, 3 deletions
diff --git a/net/resolvers/basic.lua b/net/resolvers/basic.lua
index 495a348e..305bce76 100644
--- a/net/resolvers/basic.lua
+++ b/net/resolvers/basic.lua
@@ -58,7 +58,9 @@ function methods:next(cb)
for _, record in ipairs(answer) do
table.insert(targets, { self.conn_type.."4", record.a, self.port, self.extra });
end
- if answer.status then
+ if answer.bogus then
+ self.last_error = "Validation error in A lookup";
+ elseif answer.status then
self.last_error = answer.status .. " in A lookup";
end
else
@@ -77,7 +79,9 @@ function methods:next(cb)
for _, record in ipairs(answer) do
table.insert(targets, { self.conn_type.."6", record.aaaa, self.port, self.extra });
end
- if answer.status then
+ if answer.bogus then
+ self.last_error = "Validation error in AAAA lookup";
+ elseif answer.status then
self.last_error = answer.status .. " in AAAA lookup";
end
else
@@ -96,7 +100,9 @@ function methods:next(cb)
for _, record in ipairs(answer) do
table.insert(tlsa, record.tlsa);
end
- if answer.status then
+ if answer.bogus then
+ self.last_error = "Validation error in TLSA lookup";
+ elseif answer.status then
self.last_error = answer.status .. " in TLSA lookup";
end
else
diff --git a/net/resolvers/service.lua b/net/resolvers/service.lua
index b476cb2c..3810cac8 100644
--- a/net/resolvers/service.lua
+++ b/net/resolvers/service.lua
@@ -55,6 +55,10 @@ function methods:next(cb)
if answer then
if self.extra and not answer.secure then
self.extra.use_dane = false;
+ elseif answer.bogus then
+ self.last_error = "Validation error in SRV lookup";
+ ready();
+ return;
end
if #answer == 0 then