Bug 7057

Summary: Net::DNS 0.76 compatibility: available_nameservers: No DNS servers available!
Product: Spamassassin Reporter: Mark Martinec <Mark.Martinec>
Component: LibrariesAssignee: SpamAssassin Developer Mailing List <dev>
Status: RESOLVED FIXED    
Severity: critical CC: kmcgrail
Priority: P2    
Version: 3.4.0   
Target Milestone: 3.4.1   
Hardware: All   
OS: All   
Whiteboard:

Description Mark Martinec 2014-06-18 01:24:44 UTC 
Net::DNS version 0.76 changed the field name holding a set of nameservers
in a Net::DNS::Resolver object: it used to be 'nameservers',
but is now split into two fields: 'nameserver4' and 'nameserver6'.

Mail/SpamAssassin/DnsResolver.pm relied on the internal field name
of a Net::DNS::Resolver object to obtain a default list of
recursive name servers, so the change in Net::DNS broke that.

As a result, SpamAssassin now fails DNS checks and reports:
  dns: eval failed: available_nameservers: No DNS servers available!
when used with Net::DNS 0.76 or later and no DNS servers are
configured explicitly in a custom .cf file (config option: dns_server).

The problem was reported by Walter Hurry on a mailing list, 2014-06-17.

The solution is to use an official access method to obtain this
information from Net::DNS::Resolver. Apparently early versions
of Net::DNS lacked such official access method, which is why we
needed to peek under the Net::DNS hood.

Proposed patch:

--- Mail/SpamAssassin/DnsResolver.pm.orig       2014-05-07 17:54:29 +0200
+++ Mail/SpamAssassin/DnsResolver.pm    2014-06-18 02:13:32 +0200
@@ -205,6 +205,8 @@
     dbg("dns: servers set by config to: %s", join(', ',@ns_addr_port));
   } elsif ($res) {  # default as provided by Net::DNS, e.g. /etc/resolv.conf
-    @ns_addr_port = map(untaint_var("[$_]:" . $res->{port}),
-                        @{$res->{nameservers}});
+    my @ns = $res->UNIVERSAL::can('nameservers') ? $res->nameservers
+                                                 : @{$res->{nameservers}};
+    my $port = $res->UNIVERSAL::can('port') ? $res->port : $res->{port};
+    @ns_addr_port = map(untaint_var("[$_]:" . $port), @ns);
     dbg("dns: servers obtained from Net::DNS : %s", join(', ',@ns_addr_port));
   }
Comment 1 Kevin A. McGrail 2014-06-18 01:56:26 UTC 
patch works for me with with 0.72 and 0.77 

Jun 17 21:53:58.195 [15385] dbg: dns: servers obtained from Net::DNS : [127.0.0.1]:53, [38.100.17.53]:53, [68.100.16.30]:53, [68.10.16.30]:53
Jun 17 21:53:58.195 [15385] dbg: dns: nameservers set to 127.0.0.1, 38.100.17.53, 68.100.16.30, 68.10.16.30
Jun 17 21:53:58.196 [15385] dbg: dns: using socket module: IO::Socket::INET, forced IPv4
Jun 17 21:53:58.196 [15385] dbg: dns: is Net::DNS::Resolver available? yes
Jun 17 21:53:58.196 [15385] dbg: dns: Net::DNS version: 0.72

&

Jun 17 21:55:56.924 [15689] dbg: dns: servers obtained from Net::DNS : [127.0.0.1]:53, [38.100.17.53]:53, [68.100.16.30]:53, [68.10.16.30]:53
Jun 17 21:55:56.924 [15689] dbg: dns: nameservers set to 127.0.0.1, 38.100.17.53, 68.100.16.30, 68.10.16.30
Jun 17 21:55:56.924 [15689] dbg: dns: using socket module: IO::Socket::INET, forced IPv4
Jun 17 21:55:56.924 [15689] dbg: dns: is Net::DNS::Resolver available? yes
Jun 17 21:55:56.924 [15689] dbg: dns: Net::DNS version: 0.77
Comment 2 Kevin A. McGrail 2014-06-18 02:06:13 UTC 
Doing more tests, I think Net::DNS 0.76 is also causing this:

t/dnsbl_subtests..................Use of uninitialized value in length at /usr/local/lib/perl5/site_perl/5.8.6/i686-linux/Net/DNS/Resolver/Base.pm line 318.

Will let you know if it otherwise passes make test in a few.
Comment 3 Kevin A. McGrail 2014-06-18 02:34:39 UTC 
Other than the uninitialized error, we pass make test. Mark, if you can look at this, I'd appreciate it.
Comment 4 Mark Martinec 2014-06-18 16:42:19 UTC 
> Other than the uninitialized error, we pass make test.
> Mark, if you can look at this, I'd appreciate it.

Done. Nothing that SpamAssassin can do about it.
Ignore the warning or use a newer version of perl:

  https://rt.cpan.org/Public/Bug/Display.html?id=96535
Comment 5 Kevin A. McGrail 2014-06-18 16:51:24 UTC 
Committed then, thanks Mark.

svn commit -m 'Committing Marks Patch for the DNS Resolving to fix the issues with Net::DNS 0.76'   
Sending        lib/Mail/SpamAssassin/DnsResolver.pm
Transmitting file data .
Committed revision 1603518.

Will ask user to test as well.