Commit fae9fc92 authored by Alexandre's avatar Alexandre
Browse files

Allow malformed DNS response with truncated test

parent 28166a23
......@@ -427,12 +427,8 @@ class ConnectionDoT(Connection):
buf = self.session.recv(2)
request.response_size = int.from_bytes(buf, byteorder='big')
buf = self.session.recv(request.response_size)
try:
request.response = dns.message.from_wire(buf)
request.rcode = True
except dns.exception.FormError:
request.response = f'Received DNS message is malformed: {buf}'
request.rcode = False
request.response = dns.message.from_wire(buf)
request.rcode = True
def send_and_receive(self, request):
self.send_data(request.data)
......@@ -713,6 +709,11 @@ def run_check_trunc(connection):
error(e)
except OpenSSL.SSL.ZeroReturnError: # This is acceptable
return ok
except dns.exception.FormError: # This is also acceptable
# Some DSN resolvers will echo mangled requests with
# the RCODE set to FORMERR
# so response can not be parsed in this case
return ok
if request.check_response(): # FORMERR is expected
if dot:
ok = request.rcode == dns.rcode.FORMERR
......
......@@ -528,19 +528,19 @@ tests:
partstderr: 'Key error'
- exe: './homer.py'
name: '[dot][check][fail] Resolver returning a malformed DNS message'
name: '[dot][check] Resolver returning a malformed DNS message'
markers:
- 'dot'
- 'check'
- 'fail'
- 'exception'
args:
- '--dot'
- '--check'
- 'dns.digitale-gesellschaft.ch'
- 'framagit.org'
retcode: 1
partstderr: 'Received DNS message is malformed'
stdout: "KO\n"
retcode: 0
stderr: ''
stdout: "OK\n"
- exe: './homer.py'
name: '[dot][fail] Resolver with an invalid certificate'
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment