From 2c5250a82c7adddea03a8ed914b1fd66f5407774 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Sun, 25 Jun 2017 18:35:40 +0200 Subject: [PATCH] new resolver fall back to normal dns if dnssec verfication fails --- .../siacs/conversations/utils/Resolver.java | 31 +++++++++++++------ 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/utils/Resolver.java b/src/main/java/eu/siacs/conversations/utils/Resolver.java index b1e18ab4a..272a1e7bd 100644 --- a/src/main/java/eu/siacs/conversations/utils/Resolver.java +++ b/src/main/java/eu/siacs/conversations/utils/Resolver.java @@ -14,7 +14,9 @@ import de.measite.minidns.DNSClient; import de.measite.minidns.DNSName; import de.measite.minidns.Question; import de.measite.minidns.Record; +import de.measite.minidns.dnssec.DNSSECValidationFailedException; import de.measite.minidns.hla.DnssecResolverApi; +import de.measite.minidns.hla.ResolverApi; import de.measite.minidns.hla.ResolverResult; import de.measite.minidns.record.A; import de.measite.minidns.record.AAAA; @@ -39,13 +41,13 @@ public class Resolver { List results = new ArrayList<>(); try { results.addAll(resolveSrv(domain,true)); - } catch (IOException e) { - //ignore + } catch (Throwable t) { + Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": "+t.getMessage()); } try { results.addAll(resolveSrv(domain,false)); - } catch (IOException e) { - //ignore + } catch (Throwable t) { + Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": "+t.getMessage()); } if (results.size() == 0) { results.add(Result.createDefault(domain)); @@ -56,7 +58,13 @@ public class Resolver { private static List resolveSrv(String domain, final boolean directTls) throws IOException { Question question = new Question((directTls ? DIRECT_TLS_SERVICE : STARTTLS_SERICE)+"._tcp."+domain,Record.TYPE.SRV); - ResolverResult result = DnssecResolverApi.INSTANCE.resolve(question); + ResolverResult result; + try { + result = DnssecResolverApi.INSTANCE.resolve(question); + } catch (DNSSECValidationFailedException e) { + Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving SRV record with DNSSEC. Trying DNS instead "+e.getMessage()); + result = ResolverApi.INSTANCE.resolve(question); + } List results = new ArrayList<>(); for(Data record : result.getAnswersOrEmptySet()) { if (record instanceof SRV) { @@ -76,16 +84,21 @@ public class Resolver { private static List resolveIp(SRV srv, Class type, boolean authenticated, boolean directTls) { List list = new ArrayList<>(); try { - ResolverResult results = DnssecResolverApi.INSTANCE.resolve(srv.name, type); + ResolverResult results; + try { + results = DnssecResolverApi.INSTANCE.resolve(srv.name, type); + } catch (DNSSECValidationFailedException e) { + Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving "+type.getSimpleName()+" with DNSSEC. Trying DNS instead "+e.getMessage()); + results = ResolverApi.INSTANCE.resolve(srv.name,type); + } for (D record : results.getAnswersOrEmptySet()) { Result resolverResult = Result.fromRecord(srv, directTls); resolverResult.authenticated = results.isAuthenticData() && authenticated; resolverResult.ip = record.getInetAddress(); list.add(resolverResult); } - } catch (IOException e) { - Log.d(Config.LOGTAG,e.getMessage()); - //ignore. will add default record later + } catch (Throwable t) { + Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving "+type.getSimpleName()+" "+t.getMessage()); } return list; }