From b2a08ddacd1ccd4bd84861323b695418501e78da Mon Sep 17 00:00:00 2001 From: Smitty Date: Thu, 31 Dec 2020 17:31:33 -0500 Subject: [PATCH] wgengine/tsdns: return NOERROR instead of NOTIMP for most records This is what every other DNS resolver I could find does, so tsdns should do it to. This also helps avoid weird error messages about non-existent records being unimplemented, and thus fixes #848. Signed-off-by: Smitty --- wgengine/tsdns/tsdns.go | 16 +++++++++++++++- wgengine/tsdns/tsdns_test.go | 4 ++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/wgengine/tsdns/tsdns.go b/wgengine/tsdns/tsdns.go index c14503003..fad334539 100644 --- a/wgengine/tsdns/tsdns.go +++ b/wgengine/tsdns/tsdns.go @@ -228,8 +228,22 @@ func (r *Resolver) Resolve(domain string, tp dns.Type) (netaddr.IP, dns.RCode, e // It could be IPv4, IPv6, or a zero addr. // TODO: Return all available resolutions (A and AAAA, if we have them). return addr, dns.RCodeSuccess, nil - default: + + // Leave some some record types explicitly unimplemented. + // These types relate to recursive resolution or special + // DNS sematics and might be implemented in the future. + case dns.TypeNS, dns.TypeSOA, dns.TypeAXFR, dns.TypeHINFO: return netaddr.IP{}, dns.RCodeNotImplemented, errNotImplemented + + // For everything except for the few types above that are explictly not implemented, return no records. + // This is what other DNS systems do: always return NOERROR + // without any records whenever the requested record type is unknown. + // You can try this with: + // dig -t TYPE9824 example.com + // and note that NOERROR is returned, despite that record type being made up. + default: + // no records exist of this type + return netaddr.IP{}, dns.RCodeSuccess, nil } } diff --git a/wgengine/tsdns/tsdns_test.go b/wgengine/tsdns/tsdns_test.go index 7e28b9efb..2eb0df479 100644 --- a/wgengine/tsdns/tsdns_test.go +++ b/wgengine/tsdns/tsdns_test.go @@ -215,6 +215,10 @@ func TestResolve(t *testing.T) { {"nxdomain", "test3.ipn.dev.", dns.TypeA, netaddr.IP{}, dns.RCodeNameError}, {"foreign domain", "google.com.", dns.TypeA, netaddr.IP{}, dns.RCodeRefused}, {"all", "test1.ipn.dev.", dns.TypeA, testipv4, dns.RCodeSuccess}, + {"mx-ipv4", "test1.ipn.dev.", dns.TypeMX, netaddr.IP{}, dns.RCodeSuccess}, + {"mx-ipv6", "test2.ipn.dev.", dns.TypeMX, netaddr.IP{}, dns.RCodeSuccess}, + {"mx-nxdomain", "test3.ipn.dev.", dns.TypeMX, netaddr.IP{}, dns.RCodeNameError}, + {"ns-nxdomain", "test3.ipn.dev.", dns.TypeNS, netaddr.IP{}, dns.RCodeNameError}, } for _, tt := range tests {