summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-09-04 18:53:26 +0200
committerJulian Andres Klode <jak@debian.org>2016-10-05 21:53:39 +0200
commit420871ad79e85480d1ac34f2d9da1c706f1ea6f4 (patch)
tree2ee6098143b8832213cfd3ba9a21875a44117d02
parent3b4a7c7da916ad9584af34d535ebac37f3b338a0 (diff)
abort connection on '.' target replies in SRV
Commit 3af3ac2f5ec007badeded46a94be2bd06b9917a2 (released in 1.3~pre1) implements proper fallback for SRV, but that works actually too good as the RFC defines that such an SRV record should indicate that the server doesn't provide this service and apt should respect this. The solution is hence to fail again as requested even if that isn't what the user (and perhaps even the server admins) wanted. At least we will print a message now explicitly mentioning SRV to point people in the right direction. Reported-In: https://bugs.kali.org/view.php?id=3525 Reported-By: Raphaƫl Hertzog (cherry picked from commit 99fdd8034b4a5cdb0100a33d0b3d5e26079c1695)
-rw-r--r--methods/connect.cc6
1 files changed, 6 insertions, 0 deletions
diff --git a/methods/connect.cc b/methods/connect.cc
index f768169d1..c57e57bd4 100644
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -278,7 +278,13 @@ bool Connect(std::string Host,int Port,const char *Service,
{
SrvRecords.clear();
if (_config->FindB("Acquire::EnableSrvRecords", true) == true)
+ {
GetSrvRecords(Host, DefPort, SrvRecords);
+ // RFC2782 defines that a lonely '.' target is an abort reason
+ if (SrvRecords.size() == 1 && SrvRecords[0].target.empty())
+ return _error->Error("SRV records for %s indicate that "
+ "%s service is not available at this domain", Host.c_str(), Service);
+ }
}
size_t stackSize = 0;