checker: Ensure DNS is also accessible over TCP
This commit is contained in:
parent
94ed539e01
commit
f70743d659
@ -134,7 +134,7 @@ func studentChecker(std *adlin.Student, also_check_matrix bool, offline bool) {
|
||||
snicheck1_tested := false
|
||||
|
||||
// Check DNS
|
||||
if addr, err := check_dns(std.MyDelegatedDomain(), dnsIP); err == nil {
|
||||
if addr, err := check_dns_both(std.MyDelegatedDomain(), dnsIP); err == nil {
|
||||
if addr == nil {
|
||||
dnsAt := ""
|
||||
if glueErr != nil {
|
||||
@ -267,7 +267,7 @@ func studentChecker(std *adlin.Student, also_check_matrix bool, offline bool) {
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if errreg := std.RegisterChallengeError(CheckMap[tunnel_version][DNSDelegation], fmt.Errorf("dig @%s %s: %w", dnsIP, std.MyDelegatedDomain(), err)); errreg != nil {
|
||||
if errreg := std.RegisterChallengeError(CheckMap[tunnel_version][DNSDelegation], err); errreg != nil {
|
||||
log.Printf("Unable to register challenge error for %s: %s\n", std.Login, errreg)
|
||||
}
|
||||
if verbose {
|
||||
@ -311,7 +311,7 @@ func studentChecker(std *adlin.Student, also_check_matrix bool, offline bool) {
|
||||
}
|
||||
|
||||
// Check DNS for association
|
||||
if addr, err := check_dns(std.MyAssociatedDomain(), DEFAULT_RESOLVER); err == nil {
|
||||
if addr, err := check_dns_udp(std.MyAssociatedDomain(), DEFAULT_RESOLVER); err == nil {
|
||||
// Check HTTP on delegated domain
|
||||
if err := check_http(addr.String(), std.MyAssociatedDomain()); err == nil {
|
||||
if verbose {
|
||||
|
||||
@ -237,8 +237,8 @@ func get_GLUE(student *adlin.Student) (aaaa net.IP, err error) {
|
||||
return
|
||||
}
|
||||
|
||||
func check_dns(domain, ip string) (aaaa net.IP, err error) {
|
||||
client := dns.Client{Timeout: time.Second * 5}
|
||||
func check_dns(proto, domain, ip string) (aaaa net.IP, err error) {
|
||||
client := dns.Client{Net: proto, Timeout: time.Second * 5}
|
||||
|
||||
m := new(dns.Msg)
|
||||
m.SetQuestion(domain, dns.TypeAAAA)
|
||||
@ -267,6 +267,28 @@ func check_dns(domain, ip string) (aaaa net.IP, err error) {
|
||||
return
|
||||
}
|
||||
|
||||
func check_dns_both(domain, ip string) (aaaa net.IP, err error) {
|
||||
if aaaa, err = check_dns_udp(domain, ip); err != nil {
|
||||
err = fmt.Errorf("dig @%s %s: %w", ip, domain, err)
|
||||
return
|
||||
}
|
||||
|
||||
if aaaa, err = check_dns_tcp(domain, ip); err != nil {
|
||||
err = fmt.Errorf("Test over TCP: dig +tcp @%s %s: %w", ip, domain, err)
|
||||
return
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func check_dns_udp(domain, ip string) (net.IP, error) {
|
||||
return check_dns("", domain, ip)
|
||||
}
|
||||
|
||||
func check_dns_tcp(domain, ip string) (net.IP, error) {
|
||||
return check_dns("tcp", domain, ip)
|
||||
}
|
||||
|
||||
func check_dnssec(domain, ip string) (err error) {
|
||||
client := dns.Client{Net: "tcp", Timeout: time.Second * 10}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user