dns-over-tls-php-client icon indicating copy to clipboard operation
dns-over-tls-php-client copied to clipboard

Published 20 hours ago verified publisher icon dcid

REFUSED != NXDOMAIN

Open stasic opened this issue 5 years ago • 0 comments

If resolving from a certain IP is not allowed REFUSED (=RCODE 3 instead of RCODE 0) is returned, but dnstls.php interprets it wrongly as NXDOMAIN.

The RCODE needs to be evaluated too (see RFC2929): https://tools.ietf.org/html/rfc2929#section-2.3

how to reproduce: php dnstls.php dotns1.aco.net dotns1.aco.net Host dotns1.aco.net not found: 3(NXDOMAIN)

stasic avatar Mar 11 '19 12:03 stasic