Resolver splat from b4 am

Linux maintainer tooling and workflows
 help / color / mirror / Atom feed

* Resolver splat from b4 am
@ 2022-09-12 12:21 Mark Brown
  2022-09-12 12:27 ` Florian Weimer
  0 siblings, 1 reply; 4+ messages in thread
From: Mark Brown @ 2022-09-12 12:21 UTC (permalink / raw)
  To: Konstantin Ryabitsev; +Cc: users, tools

[-- Attachment #1: Type: text/plain, Size: 3041 bytes --]

Using a current git version of b4 I'm currently seeng a Python
splat which appears to be due to trying to verify a DKIM
signature:

$ b4 am 00ffdd42-2cb6-112e-3bb5-b9ef1105fc4f@linux.intel.com
Analyzing 4 messages in the thread
Checking attestation on all messages, may take a moment...
Traceback (most recent call last):
  File "/home/broonie/git/b4/b4/command.py", line 352, in <module>
    cmd()
  File "/home/broonie/git/b4/b4/command.py", line 335, in cmd
    cmdargs.func(cmdargs)
  File "/home/broonie/git/b4/b4/command.py", line 91, in cmd_am
    b4.mbox.main(cmdargs)
  File "/home/broonie/git/b4/b4/mbox.py", line 764, in main
    make_am(msgs, cmdargs, msgid)
  File "/home/broonie/git/b4/b4/mbox.py", line 104, in make_am
    am_msgs = lser.get_am_ready(noaddtrailers=cmdargs.noaddtrailers,
  File "/home/broonie/git/b4/b4/__init__.py", line 552, in get_am_ready
    checkmark, trailers, attcrit = lmsg.get_attestation_trailers(attpolicy, maxdays)
  File "/home/broonie/git/b4/b4/__init__.py", line 1301, in get_attestation_trailers
    for attestor in self.attestors:
  File "/home/broonie/git/b4/b4/__init__.py", line 1152, in attestors
    self._load_dkim_attestors()
  File "/home/broonie/git/b4/b4/__init__.py", line 1195, in _load_dkim_attestors
    res = dkim.verify(self.msg.as_bytes(), logger=dkimlogger)
  File "/usr/lib/python3/dist-packages/dkim/__init__.py", line 1352, in verify
    return d.verify(dnsfunc=dnsfunc)
  File "/usr/lib/python3/dist-packages/dkim/__init__.py", line 940, in verify
    return self.verify_sig(sig, include_headers, sigheaders[idx], dnsfunc)
  File "/usr/lib/python3/dist-packages/dkim/__init__.py", line 773, in verify_sig
    self.pk, self.keysize, self.ktag, self.seqtlsrpt = load_pk_from_dns(name,
  File "/usr/lib/python3/dist-packages/dkim/__init__.py", line 481, in load_pk_from_dns
    s = dnsfunc(name, timeout=timeout)
  File "/usr/lib/python3/dist-packages/dkim/dnsplug.py", line 88, in get_txt
    txt = _get_txt(unicode_name, timeout)
  File "/usr/lib/python3/dist-packages/dkim/dnsplug.py", line 31, in get_txt_dnspython
    a = dns.resolver.query(name, dns.rdatatype.TXT,raise_on_no_answer=False, lifetime=timeout)
  File "/usr/lib/python3/dist-packages/dns/resolver.py", line 1221, in query
    return resolve(qname, rdtype, rdclass, tcp, source,
  File "/usr/lib/python3/dist-packages/dns/resolver.py", line 1205, in resolve
    return get_default_resolver().resolve(qname, rdtype, rdclass, tcp, source,
  File "/usr/lib/python3/dist-packages/dns/resolver.py", line 1040, in resolve
    (nameserver, port, tcp, backoff) = resolution.next_nameserver()
  File "/usr/lib/python3/dist-packages/dns/resolver.py", line 598, in next_nameserver
    raise NoNameservers(request=self.request, errors=self.errors)
dns.resolver.NoNameservers: All nameservers failed to answer the query 20210112._domainkey.quanta-corp-partner-google-com.20210112.gappssmtp.com. IN TXT: Server 172.16.32.1 UDP port 53 answered ; Server 172.16.32.1 TCP port 53 answered [Errno 111] Connection refused


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Resolver splat from b4 am
  2022-09-12 12:21 Resolver splat from b4 am Mark Brown
@ 2022-09-12 12:27 ` Florian Weimer
  2022-09-12 13:06   ` Konstantin Ryabitsev
  0 siblings, 1 reply; 4+ messages in thread
From: Florian Weimer @ 2022-09-12 12:27 UTC (permalink / raw)
  To: Mark Brown; +Cc: Konstantin Ryabitsev, users, tools

* Mark Brown:

>     raise NoNameservers(request=self.request, errors=self.errors)
> dns.resolver.NoNameservers: All nameservers failed to answer the query 20210112._domainkey.quanta-corp-partner-google-com.20210112.gappssmtp.com. IN TXT: Server 172.16.32.1 UDP port 53 answered ; Server 172.16.32.1 TCP port 53 answered [Errno 111] Connection refused

This looks like missing TCP DNS service on your network.  The DNS
response is larger than 512 bytes, so it can't be transmitted over UDP.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Resolver splat from b4 am
  2022-09-12 12:27 ` Florian Weimer
@ 2022-09-12 13:06   ` Konstantin Ryabitsev
  2022-09-12 13:52     ` Mark Brown
  0 siblings, 1 reply; 4+ messages in thread
From: Konstantin Ryabitsev @ 2022-09-12 13:06 UTC (permalink / raw)
  To: Florian Weimer; +Cc: Mark Brown, users, tools

On Mon, Sep 12, 2022 at 02:27:46PM +0200, Florian Weimer wrote:
> * Mark Brown:
> 
> >     raise NoNameservers(request=self.request, errors=self.errors)
> > dns.resolver.NoNameservers: All nameservers failed to answer the query 20210112._domainkey.quanta-corp-partner-google-com.20210112.gappssmtp.com. IN TXT: Server 172.16.32.1 UDP port 53 answered ; Server 172.16.32.1 TCP port 53 answered [Errno 111] Connection refused
> 
> This looks like missing TCP DNS service on your network.  The DNS
> response is larger than 512 bytes, so it can't be transmitted over UDP.

Still, shouldn't crash on that. I'll add the exception that's needed.

-K

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Resolver splat from b4 am
  2022-09-12 13:06   ` Konstantin Ryabitsev
@ 2022-09-12 13:52     ` Mark Brown
  0 siblings, 0 replies; 4+ messages in thread
From: Mark Brown @ 2022-09-12 13:52 UTC (permalink / raw)
  To: Konstantin Ryabitsev; +Cc: Florian Weimer, users, tools

[-- Attachment #1: Type: text/plain, Size: 849 bytes --]

On Mon, Sep 12, 2022 at 09:06:56AM -0400, Konstantin Ryabitsev wrote:
> On Mon, Sep 12, 2022 at 02:27:46PM +0200, Florian Weimer wrote:
> > * Mark Brown:

> > >     raise NoNameservers(request=self.request, errors=self.errors)
> > > dns.resolver.NoNameservers: All nameservers failed to answer the query 20210112._domainkey.quanta-corp-partner-google-com.20210112.gappssmtp.com. IN TXT: Server 172.16.32.1 UDP port 53 answered ; Server 172.16.32.1 TCP port 53 answered [Errno 111] Connection refused

> > This looks like missing TCP DNS service on your network.  The DNS
> > response is larger than 512 bytes, so it can't be transmitted over UDP.

Right, I can see what the problem is (not sure if it's the
network here at LPC or the server that shold be answering).

> Still, shouldn't crash on that. I'll add the exception that's needed.

Thanks.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-09-12 13:52 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-09-12 12:21 Resolver splat from b4 am Mark Brown
2022-09-12 12:27 ` Florian Weimer
2022-09-12 13:06   ` Konstantin Ryabitsev
2022-09-12 13:52     ` Mark Brown

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox