mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-11-21 19:42:05 +01:00
DNS: Correctly handle broken SRV records
where the SRV RR points to a target DNS name with no associated A or AAAA RRs. Fixes SMACK-781.
This commit is contained in:
parent
122bf06ccc
commit
01aa6d9c18
4 changed files with 37 additions and 3 deletions
|
@ -59,6 +59,20 @@ public abstract class DNSResolver {
|
||||||
return new HostAddress(name, port, inetAddresses);
|
return new HostAddress(name, port, inetAddresses);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Lookup the IP addresses of a given host name. Returns <code>null</code> if there was an error, in which the error
|
||||||
|
* reason will be added in form of a <code>HostAddress</code> to <code>failedAddresses</code>. Returns a empty list
|
||||||
|
* in case the DNS name exists but has no associated A or AAAA resource records. Otherwise, if the resolution was
|
||||||
|
* successful <em>and</em> there is at least one A or AAAA resource record, then a non-empty list will be returned.
|
||||||
|
* <p>
|
||||||
|
* Concrete DNS resolver implementations are free to overwrite this, but have to stick to the interface contract.
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @param name the DNS name to lookup
|
||||||
|
* @param failedAddresses a list with the failed addresses
|
||||||
|
* @param dnssecMode the selected DNSSEC mode
|
||||||
|
* @return A list, either empty or non-empty, or <code>null</code>
|
||||||
|
*/
|
||||||
protected List<InetAddress> lookupHostAddress0(String name, List<HostAddress> failedAddresses, DnssecMode dnssecMode) {
|
protected List<InetAddress> lookupHostAddress0(String name, List<HostAddress> failedAddresses, DnssecMode dnssecMode) {
|
||||||
// Default implementation of a DNS name lookup for A/AAAA records. It is assumed that this method does never
|
// Default implementation of a DNS name lookup for A/AAAA records. It is assumed that this method does never
|
||||||
// support DNSSEC. Subclasses are free to override this method.
|
// support DNSSEC. Subclasses are free to override this method.
|
||||||
|
|
|
@ -19,6 +19,7 @@ package org.jivesoftware.smack.util.dns.dnsjava;
|
||||||
import java.net.InetAddress;
|
import java.net.InetAddress;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.logging.Level;
|
||||||
|
|
||||||
import org.jivesoftware.smack.ConnectionConfiguration.DnssecMode;
|
import org.jivesoftware.smack.ConnectionConfiguration.DnssecMode;
|
||||||
import org.jivesoftware.smack.initializer.SmackInitializer;
|
import org.jivesoftware.smack.initializer.SmackInitializer;
|
||||||
|
@ -73,7 +74,13 @@ public class DNSJavaResolver extends DNSResolver implements SmackInitializer {
|
||||||
int weight = srvRecord.getWeight();
|
int weight = srvRecord.getWeight();
|
||||||
|
|
||||||
List<InetAddress> hostAddresses = lookupHostAddress0(host, failedAddresses, dnssecMode);
|
List<InetAddress> hostAddresses = lookupHostAddress0(host, failedAddresses, dnssecMode);
|
||||||
if (hostAddresses == null) {
|
if (hostAddresses == null || hostAddresses.isEmpty()) {
|
||||||
|
// If hostAddresses is not null but empty, then the DNS resolution was successful but the domain did not
|
||||||
|
// have any A or AAAA resource records.
|
||||||
|
if (hostAddresses.isEmpty()) {
|
||||||
|
LOGGER.log(Level.INFO, "The DNS name " + name + ", points to a hostname (" + host
|
||||||
|
+ ") which has neither A or AAAA resource records. This is an indication of a broken DNS setup.");
|
||||||
|
}
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -111,7 +111,13 @@ public class JavaxResolver extends DNSResolver implements SmackInitializer {
|
||||||
String host = srvRecordEntries[srvRecordEntries.length - 1];
|
String host = srvRecordEntries[srvRecordEntries.length - 1];
|
||||||
|
|
||||||
List<InetAddress> hostAddresses = lookupHostAddress0(host, failedAddresses, dnssecMode);
|
List<InetAddress> hostAddresses = lookupHostAddress0(host, failedAddresses, dnssecMode);
|
||||||
if (hostAddresses == null) {
|
if (hostAddresses == null || hostAddresses.isEmpty()) {
|
||||||
|
// If hostAddresses is not null but empty, then the DNS resolution was successful but the domain did not
|
||||||
|
// have any A or AAAA resource records.
|
||||||
|
if (hostAddresses.isEmpty()) {
|
||||||
|
LOGGER.log(Level.INFO, "The DNS name " + name + ", points to a hostname (" + host
|
||||||
|
+ ") which has neither A or AAAA resource records. This is an indication of a broken DNS setup.");
|
||||||
|
}
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@ import java.util.Collections;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
import java.util.logging.Level;
|
||||||
|
|
||||||
import org.jivesoftware.smack.ConnectionConfiguration.DnssecMode;
|
import org.jivesoftware.smack.ConnectionConfiguration.DnssecMode;
|
||||||
import org.jivesoftware.smack.initializer.SmackInitializer;
|
import org.jivesoftware.smack.initializer.SmackInitializer;
|
||||||
|
@ -90,7 +91,13 @@ public class MiniDnsResolver extends DNSResolver implements SmackInitializer {
|
||||||
for (SRV srv : result.getAnswers()) {
|
for (SRV srv : result.getAnswers()) {
|
||||||
String hostname = srv.name.ace;
|
String hostname = srv.name.ace;
|
||||||
List<InetAddress> hostAddresses = lookupHostAddress0(hostname, failedAddresses, dnssecMode);
|
List<InetAddress> hostAddresses = lookupHostAddress0(hostname, failedAddresses, dnssecMode);
|
||||||
if (hostAddresses == null) {
|
if (hostAddresses == null || hostAddresses.isEmpty()) {
|
||||||
|
// If hostAddresses is not null but empty, then the DNS resolution was successful but the domain did not
|
||||||
|
// have any A or AAAA resource records.
|
||||||
|
if (hostAddresses.isEmpty()) {
|
||||||
|
LOGGER.log(Level.INFO, "The DNS name " + name + ", points to a hostname (" + hostname
|
||||||
|
+ ") which has neither A or AAAA resource records. This is an indication of a broken DNS setup.");
|
||||||
|
}
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue