From a8dc20962ad6bb9562ed59033d2ecb6bf2cec981 Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Sat, 19 Feb 2022 13:02:52 +0100 Subject: [PATCH] workaround a bug in coredns --- core/admin/mailu/utils.py | 3 +-- core/admin/start.py | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py index f0a7fd20..4469ae8a 100644 --- a/core/admin/mailu/utils.py +++ b/core/admin/mailu/utils.py @@ -47,7 +47,7 @@ def handle_needs_login(): # DNS stub configured to do DNSSEC enabled queries resolver = dns.resolver.Resolver() -resolver.use_edns(0, 0, 1232) +resolver.use_edns(0, dns.flags.DO, 1232) resolver.flags = dns.flags.AD | dns.flags.RD def has_dane_record(domain, timeout=10): @@ -56,7 +56,6 @@ def has_dane_record(domain, timeout=10): if result.response.flags & dns.flags.AD: for record in result: if isinstance(record, dns.rdtypes.ANY.TLSA.TLSA): - record.validate() if record.usage in [2,3] and record.selector in [0,1] and record.mtype in [0,1,2]: return True except dns.resolver.NoNameservers: diff --git a/core/admin/start.py b/core/admin/start.py index 1964be5f..dd4f5b35 100755 --- a/core/admin/start.py +++ b/core/admin/start.py @@ -28,7 +28,7 @@ def test_DNS(): import time # DNS stub configured to do DNSSEC enabled queries resolver = dns.resolver.Resolver() - resolver.use_edns(0, 0, 1232) + resolver.use_edns(0, dns.flags.DO, 1232) resolver.flags = dns.flags.AD | dns.flags.RD nameservers = resolver.nameservers for ns in nameservers: