abort connection on '.' target replies in SRV

Commit 3af3ac2f5ec007badeded46a94be2bd06b9917a2 (released in 1.3~pre1)
implements proper fallback for SRV, but that works actually too good
as the RFC defines that such an SRV record should indicate that the
server doesn't provide this service and apt should respect this.

The solution is hence to fail again as requested even if that isn't what
the user (and perhaps even the server admins) wanted. At least we will
print a message now explicitly mentioning SRV to point people in the
right direction.

Reported-In: https://bugs.kali.org/view.php?id=3525
Reported-By: Raphaël Hertzog
(cherry picked from commit 99fdd8034b4a5cdb0100a33d0b3d5e26079c1695)

diff --git a/methods/connect.cc b/methods/connect.cc
index f768169d1aceec08cb8d7a1458ccfcd80dc82ed2..c57e57bd46ab530c4573eae68bb26cc705f7a0e5 100644 (file)
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -278,7 +278,13 @@ bool Connect(std::string Host,int Port,const char *Service,
    {
       SrvRecords.clear();
       if (_config->FindB("Acquire::EnableSrvRecords", true) == true)
+      {
          GetSrvRecords(Host, DefPort, SrvRecords);
+        // RFC2782 defines that a lonely '.' target is an abort reason
+        if (SrvRecords.size() == 1 && SrvRecords[0].target.empty())
+           return _error->Error("SRV records for %s indicate that "
+                 "%s service is not available at this domain", Host.c_str(), Service);
+      }
    }
 
    size_t stackSize = 0;