diff options
| author | Roland Shoemaker <roland@golang.org> | 2021-06-30 14:28:18 -0700 |
|---|---|---|
| committer | Roland Shoemaker <roland@golang.org> | 2021-07-08 16:27:19 +0000 |
| commit | a91ed836c53fcd64697b07659a8930c0a7140759 (patch) | |
| tree | 15a261ecfb293b9d98204ce49436d22d0ece6185 | |
| parent | cb4cd9e17753b5cd8ee4cd5b1f23d46241b485f1 (diff) | |
| download | go-a91ed836c53fcd64697b07659a8930c0a7140759.tar.gz go-a91ed836c53fcd64697b07659a8930c0a7140759.zip | |
[release-branch.go1.16] net: don't reject null mx records
Bypass hostname validity checking when a null mx record is returned as,
defined in RFC 7505.
Updates #46979
Updates #46999
Change-Id: Ibe683bd6b47333a8ff30909fb2680ec8e10696ef
Reviewed-on: https://go-review.googlesource.com/c/go/+/332094
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
(cherry picked from commit 03761ede028d811dd7d7cf8a2690d4bfa2771d85)
Reviewed-on: https://go-review.googlesource.com/c/go/+/332371
Run-TryBot: Katie Hockman <katie@golang.org>
| -rw-r--r-- | src/net/dnsclient_unix_test.go | 40 | ||||
| -rw-r--r-- | src/net/lookup.go | 4 |
2 files changed, 43 insertions, 1 deletions
diff --git a/src/net/dnsclient_unix_test.go b/src/net/dnsclient_unix_test.go index d51113fc13..8cd383c5e0 100644 --- a/src/net/dnsclient_unix_test.go +++ b/src/net/dnsclient_unix_test.go @@ -1956,3 +1956,43 @@ func TestCVE202133195(t *testing.T) { t.Errorf("LookupAddr returned unexpected error, got %q, want %q", err, expected) } } + +func TestNullMX(t *testing.T) { + fake := fakeDNSServer{ + rh: func(n, _ string, q dnsmessage.Message, _ time.Time) (dnsmessage.Message, error) { + r := dnsmessage.Message{ + Header: dnsmessage.Header{ + ID: q.Header.ID, + Response: true, + RCode: dnsmessage.RCodeSuccess, + }, + Questions: q.Questions, + Answers: []dnsmessage.Resource{ + { + Header: dnsmessage.ResourceHeader{ + Name: q.Questions[0].Name, + Type: dnsmessage.TypeMX, + Class: dnsmessage.ClassINET, + }, + Body: &dnsmessage.MXResource{ + MX: dnsmessage.MustNewName("."), + }, + }, + }, + } + return r, nil + }, + } + r := Resolver{PreferGo: true, Dial: fake.DialContext} + rrset, err := r.LookupMX(context.Background(), "golang.org") + if err != nil { + t.Fatalf("LookupMX: %v", err) + } + if want := []*MX{&MX{Host: "."}}; !reflect.DeepEqual(rrset, want) { + records := []string{} + for _, rr := range rrset { + records = append(records, fmt.Sprintf("%v", rr)) + } + t.Errorf("records = [%v]; want [%v]", strings.Join(records, " "), want[0]) + } +} diff --git a/src/net/lookup.go b/src/net/lookup.go index 0660268249..01c81dbaaf 100644 --- a/src/net/lookup.go +++ b/src/net/lookup.go @@ -488,7 +488,9 @@ func (r *Resolver) LookupMX(ctx context.Context, name string) ([]*MX, error) { if mx == nil { continue } - if !isDomainName(mx.Host) { + // Bypass the hostname validity check for targets which contain only a dot, + // as this is used to represent a 'Null' MX record. + if mx.Host != "." && !isDomainName(mx.Host) { return nil, &DNSError{Err: "MX target is invalid", Name: name} } } |