From af08910f9b54b19eb391dbc9f336faad10842016 Mon Sep 17 00:00:00 2001
From: Ariadne Conill <ariadne@dereferenced.org>
Date: Sun, 27 Mar 2022 10:31:36 +0000
Subject: [PATCH] only treat NXDOMAIN/SERVFAIL as a failure if it applies for
 both A/AAAA queries

some resolvers (Tor DNSPort) are returning the wrong faultcodes in some
misguided attempt to force traffic to be IPv4-only, which causes musl DNS
to break entirely.

by tracking failures for both A/AAAA queries and confirming that the failure
is consistent for both failure types, we can allow Tor's DNSPort functionality
to work correctly.

tested with Tor 0.4.6.10 in Alpine edge.
---
 src/network/lookup_name.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c
index aa558c19..8ff58df0 100644
--- a/src/network/lookup_name.c
+++ b/src/network/lookup_name.c
@@ -140,7 +140,7 @@ static int name_from_dns(struct address buf[static MAXADDRS], char canon[static
 	unsigned char qbuf[2][280], abuf[2][512];
 	const unsigned char *qp[2] = { qbuf[0], qbuf[1] };
 	unsigned char *ap[2] = { abuf[0], abuf[1] };
-	int qlens[2], alens[2];
+	int qlens[2], alens[2], fails[2];
 	int i, nq = 0;
 	struct dpc_ctx ctx = { .addrs = buf, .canon = canon };
 	static const struct { int af; int rr; } afrr[2] = {
@@ -163,9 +163,13 @@ static int name_from_dns(struct address buf[static MAXADDRS], char canon[static
 		return EAI_SYSTEM;
 
 	for (i=0; i<nq; i++) {
-		if (alens[i] < 4 || (abuf[i][3] & 15) == 2) return EAI_AGAIN;
-		if ((abuf[i][3] & 15) == 3) return 0;
-		if ((abuf[i][3] & 15) != 0) return EAI_FAIL;
+		if (alens[i] < 4 || (abuf[i][3] & 15) == 2) fails[nq] = EAI_AGAIN;
+		if ((abuf[i][3] & 15) == 3) fails[nq] = EAI_NONAME;
+		if ((abuf[i][3] & 15) != 0) fails[nq] = EAI_FAIL;
+	}
+
+	if (fails[0] && fails[1]) {
+		return fails[0];
 	}
 
 	for (i=0; i<nq; i++)
-- 
2.35.1