From 3d0f0cc1ce72518a0745de01ed4125930426a682 Mon Sep 17 00:00:00 2001
From: strawberry
Date: Tue, 26 Mar 2024 21:32:10 -0400
Subject: [PATCH] add query_all_nameservers config option
Signed-off-by: strawberry
---
 conduwuit-example.toml | 6 ++++++
 src/config/mod.rs | 7 +++++++
 src/service/globals/mod.rs | 2 ++
 src/service/globals/resolver.rs | 15 ++++++++++++++-
 4 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/conduwuit-example.toml b/conduwuit-example.toml
index 662bc01d..fed77160 100644
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@@ -413,6 +413,12 @@ url_preview_check_root_domain = false
 # Number of retries after a timeout.
 #dns_attempts = 5
+# Enable to query all nameservers until the domain is found. Referred to as "trust_negative_responses" in hickory_resolver.
+# This can avoid useless DNS queries if the first nameserver responds with NXDOMAIN or an empty NOERROR response.
+#
+# The default is to query one nameserver and stop (false).
+#query_all_nameservers = false
+
 ### Request Timeouts, Connection Timeouts, and Connection Pooling
diff --git a/src/config/mod.rs b/src/config/mod.rs
index 9c17a585..9436fdb5 100644
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@@ -67,6 +67,8 @@ pub struct Config {
 pub dns_attempts: u16,
 #[serde(default = "default_dns_timeout")]
 pub dns_timeout: u64,
+ #[serde(default)]
+ pub query_all_nameservers: bool,
 #[serde(default = "default_max_request_size")]
 pub max_request_size: u32,
 #[serde(default = "default_max_concurrent_requests")]
@@ -322,6 +324,7 @@ impl fmt::Display for Config {
 ("DNS minimum nxdomain ttl", &self.dns_min_ttl_nxdomain.to_string()),
 ("DNS attempts", &self.dns_attempts.to_string()),
 ("DNS timeout", &self.dns_timeout.to_string()),
+ ("Query all nameservers", &self.query_all_nameservers.to_string()),
 ("Maximum request size (bytes)", &self.max_request_size.to_string()),
 ("Maximum concurrent requests", &self.max_concurrent_requests.to_string()),
 ("Request connect timeout", &self.request_conn_timeout.to_string()),
@@ -511,6 +514,10 @@ impl fmt::Display for Config {
 ),
 ("URL preview maximum spider size", &self.url_preview_max_spider_size.to_string()),
 ("URL preview check root domain", &self.url_preview_check_root_domain.to_string()),
+ (
+ "Allow check for updates / announcements check",
+ &self.allow_check_for_updates.to_string(),
+ ),
 ];
 let mut msg: String = "Active config values:\n\n".to_owned();
diff --git a/src/service/globals/mod.rs b/src/service/globals/mod.rs
index 0422b857..b9086e34 100644
--- a/src/service/globals/mod.rs
+++ b/src/service/globals/mod.rs
@@ -235,6 +235,8 @@ impl Service<'_> {
 pub fn dns_resolver(&self) -> &TokioAsyncResolver { &self.resolver.resolver }
+ pub fn query_all_nameservers(&self) -> bool { self.config.query_all_nameservers }
+
 pub fn actual_destinations(&self) -> &Arc> { &self.resolver.destinations }
 pub fn jwt_decoding_key(&self) -> Option<&jsonwebtoken::DecodingKey> { self.jwt_decoding_key.as_ref() }
diff --git a/src/service/globals/resolver.rs b/src/service/globals/resolver.rs
index 97397881..3e9fb00a 100644
--- a/src/service/globals/resolver.rs
+++ b/src/service/globals/resolver.rs
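Review bot: The last `src/config/mod.rs` hunk (`@@ -511,6 +514,10 @@`) adds an "Allow check for updates / announcements check" row to the Display table, which has nothing to do with the DNS option this commit introduces and is not mentioned in the commit message; it would be easier to audit as its own commit. The label also says "check" twice, and `"Allow check for updates / announcements",` reads more cleanly. The `impl fmt::Display for Config` body starts and ends outside the hunk, so whether this field was already printed elsewhere in the table cannot be confirmed from here.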
@@ -40,9 +40,22 @@ impl Resolver {
 .unwrap();
 let mut conf = hickory_resolver::config::ResolverConfig::new();
+
+ if let Some(domain) = sys_conf.domain() {
+ conf.set_domain(domain.clone());
+ }
+
+ for sys_conf in sys_conf.search() {
+ conf.add_search(sys_conf.clone());
+ }
+
 for sys_conf in sys_conf.name_servers() {
 let mut ns = sys_conf.clone();
- ns.trust_negative_responses = true;
+
+ if config.query_all_nameservers {
+ ns.trust_negative_responses = true;
+ }
+
 conf.add_name_server(ns);
 }
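Review bot: The new `if config.query_all_nameservers { ns.trust_negative_responses = true; }` looks inverted relative to the option's name. As hickory_resolver documents the field, `trust_negative_responses = true` means an NXDOMAIN or empty NOERROR answer is accepted and the remaining nameservers are not retried, so enabling "query all nameservers" would make the resolver stop at the first negative answer. With the default `false`, each entry keeps whatever value the cloned system nameserver config carries, where the old code set `true` unconditionally, so the default lookup behaviour probably changes as well. If the intent is what the example config states ("The default is to query one nameserver and stop (false)"), the assignment should be `ns.trust_negative_responses = !config.query_all_nameservers;`, and the comment in `conduwuit-example.toml` should say which setting avoids the extra queries. The enclosing function starts and ends outside the hunk, so how `config` and `sys_conf` are obtained is not visible here.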