Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

throw preventing all Accepted Domains DNS records from being evaluated #1477

Open
reevesjeremy opened this issue Dec 18, 2024 · 2 comments
Open
Labels
bug This issue or pull request addresses broken functionality public-reported This issue is reported by the public users of the tool.

Comments

@reevesjeremy
Copy link

reevesjeremy commented Dec 18, 2024

When running exo report, I'm seeing Failed to resolve ... but for only one domain per record type. At first I thought that was great as there is little to review. Once I realized if one of these domains appeared, so should others due to our split DNS architecture, I know there was a bug.

throw "Failed to resolve $($Qname). `n$($Log)"

When throw is called, the routine is escaped and no additional Accepted Domains are processed for that record type. When I replaced throw with Write-Warning, all the Accepted Domains were evaluated and showed on-screen.

@adhilto
Copy link
Collaborator

adhilto commented Dec 19, 2024

Hi, thanks for reporting this. I agree, an exception thrown while resolving one domain shouldn't stop the other domains from being tested. I will open an issue to revisit that behavior. That said, would you mind sharing what specific exception is causing "Failed to resolve..." to throw? A simple NXDOMAIN, empty answer section, or even a one-time network failure wouldn't be enough to trigger it. Both the traditional DNS query and the DoH fallback would have to repeatedly fail to reach that point. The specific exception should be printed as part of the message, "Query resulted in exception, ..."

See #1479.

@adhilto adhilto added the public-reported This issue is reported by the public users of the tool. label Dec 19, 2024
@schrolla schrolla added the bug This issue or pull request addresses broken functionality label Dec 19, 2024
@reevesjeremy
Copy link
Author

I wasn't seeing a throw in the console output, so it was making it difficult to find. (I anonymized the domains returned.)

> Invoke-SCuBA -ProductNames exo
WARNING: Error running Get-ScubaSpfRecord. Failed to resolve subdomain.domain.com.
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"subdomain.domain.com"}
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"subdomain.domain.com"}
WARNING: Error running Get-ScubaDkimRecord. Failed to resolve selector1._domainkey.subdomain2.domain.com.
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"selector1._domainkey.subdomain2.domain.com"}
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"selector1._domainkey.subdomain2.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"selector1._domainkey.subdomain2.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"selector1._domainkey.subdomain2.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"selector1._domainkey.subdomain2.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"selector1._domainkey.subdomain2.domain.com"}
WARNING: Error running Get-ScubaDmarcRecord. Failed to resolve _dmarc.subdomain3.domain.com.
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"_dmarc.subdomain3.domain.com"}
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"_dmarc.subdomain3.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"_dmarc.subdomain3.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"_dmarc.subdomain3.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"_dmarc.subdomain3.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"_dmarc.subdomain3.domain.com"}

I imported the ExportEXOProvider.psm1 as a module, and ran the following:

Import-Module "C:\Users\{username}\Documents\WindowsPowerShell\Modules\ScubaGear\1.4.0\Modules\Providers\ExportEXOProvider.psm1"
$Domains = Get-AcceptedDomains
Get-ScubaSpfRecord -Domains $Domains

That is where I saw the throw.

> Get-ScubaSpfRecord -Domains $Domains
Failed to resolve subdomain.domain.com.
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"subdomain.domain.com"}
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"subdomain.domain.com"}
At C:\Users\{username}\Documents\WindowsPowerShell\Modules\ScubaGear\1.4.0\Modules\Providers\ExportEXOProvider.psm1:354 char:9
+         throw "Failed to resolve $($Qname). `n$($Log)"
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (Failed to resol...subdomain.domain.com"}:String) [], RuntimeException
    + FullyQualifiedErrorId : Failed to resolve subdomain.domain.com.
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"subdomain.domain.com"}
{"query_method":"traditional","query_result":"Query resulted in exception, RCODE_REFUSED,Microsoft.DnsClient.Commands.ResolveDnsName","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query returned 0 txt records","query_name":"subdomain.domain.com"}
{"query_method":"DoH","query_result":"Query resulted in exception, InvokeMethodOnNull,Microsoft.PowerShell.Commands.ForEachObjectCommand","query_name":"subdomain.domain.com"}

After I Remove-Module ExportEXOProvider, edited the file to replace throw with Write-Warning, and then Import-Module ScubaGear and re-run Invoke-SCuBA -ProductNames exo again, it processed all the domains.

Its unclear to me why I'm not seeing the throw in the console when running Invoke-SCuBA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug This issue or pull request addresses broken functionality public-reported This issue is reported by the public users of the tool.
Projects
None yet
Development

No branches or pull requests

3 participants