Secure and authentic

This commit is contained in:
M66B 2024-01-02 11:37:37 +01:00
parent 50a932e09c
commit 56a053f6be
1 changed files with 18 additions and 14 deletions

View File

@ -34,6 +34,7 @@ import org.minidns.DnsClient;
import org.minidns.dnsmessage.DnsMessage; import org.minidns.dnsmessage.DnsMessage;
import org.minidns.dnsqueryresult.DnsQueryResult; import org.minidns.dnsqueryresult.DnsQueryResult;
import org.minidns.dnsqueryresult.StandardDnsQueryResult; import org.minidns.dnsqueryresult.StandardDnsQueryResult;
import org.minidns.dnssec.DnssecResultNotAuthenticException;
import org.minidns.dnssec.DnssecValidationFailedException; import org.minidns.dnssec.DnssecValidationFailedException;
import org.minidns.dnsserverlookup.AbstractDnsServerLookupMechanism; import org.minidns.dnsserverlookup.AbstractDnsServerLookupMechanism;
import org.minidns.hla.DnssecResolverApi; import org.minidns.hla.DnssecResolverApi;
@ -49,8 +50,6 @@ import org.minidns.record.TXT;
import org.minidns.source.AbstractDnsDataSource; import org.minidns.source.AbstractDnsDataSource;
import java.io.IOException; import java.io.IOException;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress; import java.net.InetAddress;
import java.net.UnknownHostException; import java.net.UnknownHostException;
import java.util.ArrayList; import java.util.ArrayList;
@ -79,17 +78,17 @@ public class DnsHelper {
String domain = UriHelper.getEmailDomain(email); String domain = UriHelper.getEmailDomain(email);
if (domain == null) if (domain == null)
continue; continue;
lookup(context, domain, "mx", CHECK_TIMEOUT); lookup(context, domain, "mx", CHECK_TIMEOUT, false);
} }
} }
@NonNull @NonNull
static DnsRecord[] lookup(Context context, String name, String type) { static DnsRecord[] lookup(Context context, String name, String type) {
return lookup(context, name, type, LOOKUP_TIMEOUT); return lookup(context, name, type, LOOKUP_TIMEOUT, false);
} }
@NonNull @NonNull
static DnsRecord[] lookup(Context context, String name, String type, int timeout) { private static DnsRecord[] lookup(Context context, String name, String type, int timeout, boolean require_authentic) {
String filter = null; String filter = null;
int colon = type.indexOf(':'); int colon = type.indexOf(':');
if (colon > 0) { if (colon > 0) {
@ -210,19 +209,21 @@ public class DnsHelper {
} }
}); });
ResolverResult<? extends Data> r = resolver.resolve(name, clazz); ResolverResult<? extends Data> data = resolver.resolve(name, clazz);
if (!r.wasSuccessful()) { data.throwIfErrorResponse();
DnsMessage.RESPONSE_CODE responseCode = r.getResponseCode();
throw new IOException(responseCode.name()); boolean secure = (data.getUnverifiedReasons() != null);
if (secure && require_authentic) {
DnssecResultNotAuthenticException ex = data.getDnssecResultNotAuthenticException();
if (ex != null)
throw ex;
} }
List<DnsRecord> result = new ArrayList<>(); List<DnsRecord> result = new ArrayList<>();
Set<? extends Data> answers = r.getAnswers(); Set<? extends Data> answers = data.getAnswers();
if (answers != null) if (answers != null)
for (Data answer : answers) { for (Data answer : answers) {
if (BuildConfig.DEBUG)
EntityLog.log(context, EntityLog.Type.Network, name + ":" + type + "=" + answer);
Log.i("Answer=" + answer); Log.i("Answer=" + answer);
if (answer instanceof NS) { if (answer instanceof NS) {
NS ns = (NS) answer; NS ns = (NS) answer;
@ -266,7 +267,8 @@ public class DnsHelper {
for (DnsRecord record : result) { for (DnsRecord record : result) {
record.query = name; record.query = name;
record.secure = r.isAuthenticData(); record.secure = secure;
record.authentic = data.isAuthenticData();
} }
return result.toArray(new DnsRecord[0]); return result.toArray(new DnsRecord[0]);
@ -365,6 +367,7 @@ public class DnsHelper {
Integer priority; Integer priority;
Integer weight; Integer weight;
Boolean secure; Boolean secure;
Boolean authentic;
InetAddress address; InetAddress address;
DnsRecord(String response) { DnsRecord(String response) {
@ -391,7 +394,8 @@ public class DnsHelper {
@NonNull @NonNull
@Override @Override
public String toString() { public String toString() {
return query + "=" + response + ":" + port + " " + priority + "/" + weight + " secure=" + secure; return query + "=" + response + ":" + port + " " + priority + "/" + weight +
" secure=" + secure + " authentic=" + authentic;
} }
} }
} }