fixed typo in resolver that cause hostnames not to be marked as authenticated (with DNSSec)

usually this wasn’t a problem as this is only the fallback after no IPs have been discovered. this also isn‘t a security issue as worst case is the hostname doesn’t get accepeted as fallback in cert validation. thanks @genofire for spotting this
2020-02-29 12:52:39 +01:00 · 2020-02-29 12:52:39 +01:00 · 0f40e7e73b
parent 5dd666257d
commit 0f40e7e73b
2 changed files with 6 additions and 4 deletions
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
@ -651,7 +651,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
                                     final boolean wipe,
                                     final boolean firstAttempt) {
        final Bundle publishOptions = account.getXmppConnection().getFeatures().pepPublishOptions() ? PublishOptions.openAccess() : null;
-        IqPacket publish = mXmppConnectionService.getIqGenerator().publishBundles(
+        final IqPacket publish = mXmppConnectionService.getIqGenerator().publishBundles(
                signedPreKeyRecord, axolotlStore.getIdentityKeyPair().getPublicKey(),
                preKeyRecords, getOwnDeviceId(), publishOptions);
        Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + ": Bundle " + getOwnDeviceId() + " in PEP not current. Publishing...");
--- a/src/main/java/eu/siacs/conversations/utils/Resolver.java
+++ b/src/main/java/eu/siacs/conversations/utils/Resolver.java
@ -61,7 +61,9 @@ public class Resolver {
            final Field dnsClientField = ReliableDNSClient.class.getDeclaredField("dnsClient");
            dnsClientField.setAccessible(true);
            final DNSClient dnsClient = (DNSClient) dnsClientField.get(reliableDNSClient);
-            dnsClient.getDataSource().setTimeout(3000);
+            if (dnsClient != null) {
+                dnsClient.getDataSource().setTimeout(3000);
+            }
            final Field useHardcodedDnsServers = DNSClient.class.getDeclaredField("useHardcodedDnsServers");
            useHardcodedDnsServers.setAccessible(true);
            useHardcodedDnsServers.setBoolean(dnsClient, false);
@ -176,7 +178,7 @@ public class Resolver {
                final List<Result> ipv4s = resolveIp(record, A.class, result.isAuthenticData(), directTls);
                if (ipv4s.size() == 0) {
                    Result resolverResult = Result.fromRecord(record, directTls);
-                    resolverResult.authenticated = resolverResult.isAuthenticated();
+                    resolverResult.authenticated = result.isAuthenticData();
                    ipv4s.add(resolverResult);
                }
                synchronized (results) {
@ -210,7 +212,7 @@ public class Resolver {
            ResolverResult<D> results = resolveWithFallback(srv.name, type, authenticated);
            for (D record : results.getAnswersOrEmptySet()) {
                Result resolverResult = Result.fromRecord(srv, directTls);
-                resolverResult.authenticated = results.isAuthenticData() && authenticated;
+                resolverResult.authenticated = results.isAuthenticData() && authenticated; //TODO technically it doesn’t matter if the IP was authenticated
                resolverResult.ip = record.getInetAddress();
                list.add(resolverResult);
            }