[tor-commits] [sbws/master] Don't assume we can resolve a domain name

juga at torproject.org juga at torproject.org
Wed Oct 24 09:40:23 UTC 2018 

commit a7dce5ce0c191cce9e3dc8e9e7e34a2c1ee91cfd
Author: Matt Traudt <sirmatt at ksu.edu>
Date:   Mon Oct 22 10:13:43 2018 -0400

    Don't assume we can resolve a domain name
    
    Even for a valid domain that usually resolves, sometimes the local DNS
    resolver won't be able to resolve it (duh). Catch the exception that gets
    thrown in that instance and fail gracefully by returning an empty list.
---
 CHANGELOG.md          |  1 +
 sbws/globals.py       | 10 +++++++++-
 sbws/lib/relaylist.py |  5 ++++-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 90da685..f8160af 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 
 - Update python minimal version in setup (#28043)
+- Catch unhandled exception when we fail to resolve a domain name (#28141)
 
 ### Changed
 
diff --git a/sbws/globals.py b/sbws/globals.py
index 52c31bf..e6ba3f5 100644
--- a/sbws/globals.py
+++ b/sbws/globals.py
@@ -67,8 +67,16 @@ def touch_file(fname, times=None):
 
 def resolve(hostname, ipv4_only=False, ipv6_only=False):
     assert not (ipv4_only and ipv6_only)
+    results = []
+    try:
+        results = socket.getaddrinfo(hostname, 0):
+    except socket.gaierror:
+        log.warn(
+            'Unable to resolve %s hostname. Returning empty list of addresses',
+            hostname)
+        return []
     ret = set()
-    for result in socket.getaddrinfo(hostname, 0):
+    for result in results:
         fam, _, _, _, addr = result
         if fam == socket.AddressFamily.AF_INET6 and not ipv4_only:
             ret.add(addr[0])
diff --git a/sbws/lib/relaylist.py b/sbws/lib/relaylist.py
index 58cae75..9402574 100644
--- a/sbws/lib/relaylist.py
+++ b/sbws/lib/relaylist.py
@@ -120,7 +120,10 @@ class Relay:
             #
             # Also, only use the first ipv4/6 we get even if there is more than
             # one.
-            host = resolve(host)[0]
+            results = resolve(host)
+            if not len(results):
+                return False
+            host = results[0]
         assert is_valid_ipv4_address(host) or is_valid_ipv6_address(host)
         return self.exit_policy.can_exit_to(host, port)

More information about the tor-commits mailing list