new resolver fall back to normal dns if dnssec verfication fails
This commit is contained in:
parent
cbce73c301
commit
2c5250a82c
|
@ -14,7 +14,9 @@ import de.measite.minidns.DNSClient;
|
||||||
import de.measite.minidns.DNSName;
|
import de.measite.minidns.DNSName;
|
||||||
import de.measite.minidns.Question;
|
import de.measite.minidns.Question;
|
||||||
import de.measite.minidns.Record;
|
import de.measite.minidns.Record;
|
||||||
|
import de.measite.minidns.dnssec.DNSSECValidationFailedException;
|
||||||
import de.measite.minidns.hla.DnssecResolverApi;
|
import de.measite.minidns.hla.DnssecResolverApi;
|
||||||
|
import de.measite.minidns.hla.ResolverApi;
|
||||||
import de.measite.minidns.hla.ResolverResult;
|
import de.measite.minidns.hla.ResolverResult;
|
||||||
import de.measite.minidns.record.A;
|
import de.measite.minidns.record.A;
|
||||||
import de.measite.minidns.record.AAAA;
|
import de.measite.minidns.record.AAAA;
|
||||||
|
@ -39,13 +41,13 @@ public class Resolver {
|
||||||
List<Result> results = new ArrayList<>();
|
List<Result> results = new ArrayList<>();
|
||||||
try {
|
try {
|
||||||
results.addAll(resolveSrv(domain,true));
|
results.addAll(resolveSrv(domain,true));
|
||||||
} catch (IOException e) {
|
} catch (Throwable t) {
|
||||||
//ignore
|
Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": "+t.getMessage());
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
results.addAll(resolveSrv(domain,false));
|
results.addAll(resolveSrv(domain,false));
|
||||||
} catch (IOException e) {
|
} catch (Throwable t) {
|
||||||
//ignore
|
Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": "+t.getMessage());
|
||||||
}
|
}
|
||||||
if (results.size() == 0) {
|
if (results.size() == 0) {
|
||||||
results.add(Result.createDefault(domain));
|
results.add(Result.createDefault(domain));
|
||||||
|
@ -56,7 +58,13 @@ public class Resolver {
|
||||||
|
|
||||||
private static List<Result> resolveSrv(String domain, final boolean directTls) throws IOException {
|
private static List<Result> resolveSrv(String domain, final boolean directTls) throws IOException {
|
||||||
Question question = new Question((directTls ? DIRECT_TLS_SERVICE : STARTTLS_SERICE)+"._tcp."+domain,Record.TYPE.SRV);
|
Question question = new Question((directTls ? DIRECT_TLS_SERVICE : STARTTLS_SERICE)+"._tcp."+domain,Record.TYPE.SRV);
|
||||||
ResolverResult<Data> result = DnssecResolverApi.INSTANCE.resolve(question);
|
ResolverResult<Data> result;
|
||||||
|
try {
|
||||||
|
result = DnssecResolverApi.INSTANCE.resolve(question);
|
||||||
|
} catch (DNSSECValidationFailedException e) {
|
||||||
|
Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving SRV record with DNSSEC. Trying DNS instead "+e.getMessage());
|
||||||
|
result = ResolverApi.INSTANCE.resolve(question);
|
||||||
|
}
|
||||||
List<Result> results = new ArrayList<>();
|
List<Result> results = new ArrayList<>();
|
||||||
for(Data record : result.getAnswersOrEmptySet()) {
|
for(Data record : result.getAnswersOrEmptySet()) {
|
||||||
if (record instanceof SRV) {
|
if (record instanceof SRV) {
|
||||||
|
@ -76,16 +84,21 @@ public class Resolver {
|
||||||
private static <D extends InternetAddressRR> List<Result> resolveIp(SRV srv, Class<D> type, boolean authenticated, boolean directTls) {
|
private static <D extends InternetAddressRR> List<Result> resolveIp(SRV srv, Class<D> type, boolean authenticated, boolean directTls) {
|
||||||
List<Result> list = new ArrayList<>();
|
List<Result> list = new ArrayList<>();
|
||||||
try {
|
try {
|
||||||
ResolverResult<D> results = DnssecResolverApi.INSTANCE.resolve(srv.name, type);
|
ResolverResult<D> results;
|
||||||
|
try {
|
||||||
|
results = DnssecResolverApi.INSTANCE.resolve(srv.name, type);
|
||||||
|
} catch (DNSSECValidationFailedException e) {
|
||||||
|
Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving "+type.getSimpleName()+" with DNSSEC. Trying DNS instead "+e.getMessage());
|
||||||
|
results = ResolverApi.INSTANCE.resolve(srv.name,type);
|
||||||
|
}
|
||||||
for (D record : results.getAnswersOrEmptySet()) {
|
for (D record : results.getAnswersOrEmptySet()) {
|
||||||
Result resolverResult = Result.fromRecord(srv, directTls);
|
Result resolverResult = Result.fromRecord(srv, directTls);
|
||||||
resolverResult.authenticated = results.isAuthenticData() && authenticated;
|
resolverResult.authenticated = results.isAuthenticData() && authenticated;
|
||||||
resolverResult.ip = record.getInetAddress();
|
resolverResult.ip = record.getInetAddress();
|
||||||
list.add(resolverResult);
|
list.add(resolverResult);
|
||||||
}
|
}
|
||||||
} catch (IOException e) {
|
} catch (Throwable t) {
|
||||||
Log.d(Config.LOGTAG,e.getMessage());
|
Log.d(Config.LOGTAG,Resolver.class.getSimpleName()+": error resolving "+type.getSimpleName()+" "+t.getMessage());
|
||||||
//ignore. will add default record later
|
|
||||||
}
|
}
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue