checker: fix segv

checker/checker.go

@@ -106,7 +106,7 @@ func check_dns(domain, ip string) (aaaa net.IP, err error) {
 }
 
 func check_dnssec(domain, ip string) (err error) {
-	client := dns.Client{Timeout: time.Second * 5}
+	client := dns.Client{Net: "tcp", Timeout: time.Second * 10}
 
 	// Get DNSKEY
 	m := new(dns.Msg)
@@ -138,6 +138,10 @@ func check_dnssec(domain, ip string) (err error) {
 		}
 	}
 
+	if dnskeysig == nil {
+		return fmt.Errorf("Unable to verify DNSKEY record signature: No RRSIG found for DNSKEY record.")
+	}
+
 	found := false
 	for _, dnskey := range dnskeys {
 		if err = dnskeysig.Verify(dnskey, rrs); err == nil {
@@ -180,7 +184,11 @@ func check_dnssec(domain, ip string) (err error) {
 	}
 
 	if len(aaaas) == 0 {
-		return errors.New("")
+		return errors.New("Something odd happen: no AAAA record found.")
+	}
+
+	if aaaasig == nil {
+		return fmt.Errorf("Unable to verify AAAA record signature: No RRSIG found for AAAA record.")
 	}
 
 	found = false