diff options
author | Christian Schneppe <christian@pix-art.de> | 2017-06-25 19:21:19 +0200 |
---|---|---|
committer | Christian Schneppe <christian@pix-art.de> | 2017-06-25 19:21:19 +0200 |
commit | e3adf6b264ae379c34ef3bc6c06624425689cf95 (patch) | |
tree | ea2c707a200dc73f2e6a7f620e0cf702fcebb60a /src/main/java | |
parent | 38880f2a15cde3d21c597e2d69b76c69febb3eff (diff) |
new resolver fall back to normal dns if dnssec verfication fails
Diffstat (limited to 'src/main/java')
-rw-r--r-- | src/main/java/de/pixart/messenger/utils/Resolver.java | 31 |
1 files changed, 22 insertions, 9 deletions
diff --git a/src/main/java/de/pixart/messenger/utils/Resolver.java b/src/main/java/de/pixart/messenger/utils/Resolver.java index a5bcad547..d69a828e2 100644 --- a/src/main/java/de/pixart/messenger/utils/Resolver.java +++ b/src/main/java/de/pixart/messenger/utils/Resolver.java @@ -14,7 +14,9 @@ import de.measite.minidns.DNSClient; import de.measite.minidns.DNSName; import de.measite.minidns.Question; import de.measite.minidns.Record; +import de.measite.minidns.dnssec.DNSSECValidationFailedException; import de.measite.minidns.hla.DnssecResolverApi; +import de.measite.minidns.hla.ResolverApi; import de.measite.minidns.hla.ResolverResult; import de.measite.minidns.record.A; import de.measite.minidns.record.AAAA; @@ -36,13 +38,13 @@ public class Resolver { List<Result> results = new ArrayList<>(); try { results.addAll(resolveSrv(domain, true)); - } catch (IOException e) { - //ignore + } catch (Throwable t) { + Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": " + t.getMessage()); } try { results.addAll(resolveSrv(domain, false)); - } catch (IOException e) { - //ignore + } catch (Throwable t) { + Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": " + t.getMessage()); } if (results.size() == 0) { results.add(Result.createDefault(domain)); @@ -53,7 +55,13 @@ public class Resolver { private static List<Result> resolveSrv(String domain, final boolean directTls) throws IOException { Question question = new Question((directTls ? DIRECT_TLS_SERVICE : STARTTLS_SERICE) + "._tcp." + domain, Record.TYPE.SRV); - ResolverResult<Data> result = DnssecResolverApi.INSTANCE.resolve(question); + ResolverResult<Data> result; + try { + result = DnssecResolverApi.INSTANCE.resolve(question); + } catch (DNSSECValidationFailedException e) { + Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": error resolving SRV record with DNSSEC. Trying DNS instead " + e.getMessage()); + result = ResolverApi.INSTANCE.resolve(question); + } List<Result> results = new ArrayList<>(); for (Data record : result.getAnswersOrEmptySet()) { if (record instanceof SRV) { @@ -73,16 +81,21 @@ public class Resolver { private static <D extends InternetAddressRR> List<Result> resolveIp(SRV srv, Class<D> type, boolean authenticated, boolean directTls) { List<Result> list = new ArrayList<>(); try { - ResolverResult<D> results = DnssecResolverApi.INSTANCE.resolve(srv.name, type); + ResolverResult<D> results; + try { + results = DnssecResolverApi.INSTANCE.resolve(srv.name, type); + } catch (DNSSECValidationFailedException e) { + Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": error resolving " + type.getSimpleName() + " with DNSSEC. Trying DNS instead " + e.getMessage()); + results = ResolverApi.INSTANCE.resolve(srv.name, type); + } for (D record : results.getAnswersOrEmptySet()) { Result resolverResult = Result.fromRecord(srv, directTls); resolverResult.authenticated = results.isAuthenticData() && authenticated; resolverResult.ip = record.getInetAddress(); list.add(resolverResult); } - } catch (IOException e) { - Log.d(Config.LOGTAG, e.getMessage()); - //ignore. will add default record later + } catch (Throwable t) { + Log.d(Config.LOGTAG, Resolver.class.getSimpleName() + ": error resolving " + type.getSimpleName() + " " + t.getMessage()); } return list; } |