StandardResolver joins multiple TXT records as 1 record

Question

StandardResolver joins multiple TXT records as 1 record

DaanBaars opened this issue a year ago · comments

\SPFLib\DNS\StandardResolver::getTXTRecords uses dns_get_record() it returns an array where TXT contains the TXT record.
However if for example there are multiple TXT records for example:

domain.com TXT "v=spf1 a mx include:spf.protection.outlook.com -all"
domain.com TXT "MS=ms1234567890"
domain.com TXT "google-site-verification=............................"

The result the txt record would be "v=spf1 a mx include:spf.protection.outlook.com -allMS=ms1234567890google-site-verification=............................" this will then result in a invalid spf record as it does not end with "all"

The solution could be to add underneath to the foreach loop:

        if(!empty($record['entries'])) {
            foreach ($record['entries'] as $entry){
                $result[] = $entry;
            }
            continue;
        }

So the loop would look like:

    foreach ($records as $record) {
        if(!empty($record['entries'])) {
            foreach ($record['entries'] as $entry){
                $result[] = $entry;
            }
            continue;
        }
        if (isset($record['txt'])) {
            $result[] = $record['txt'];
        }
    }

If entries is empty or none existing it will fall back to the txt value

Michele Locati · Answer 1 · Mon Feb 06 2023 18:55:50 GMT+0800 (China Standard Time)

Do you have a sample domain where you can see this behaviour?
For example, for google.com I don't see any difference between the values of the txt and entry...

For example, by running

var_dump(dns_get_record('google.com', DNS_TXT));

We have (after removing the unrelated stuff):

array(12) {
  [0]=>array(6) {
    ["txt"]=>string(43) "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
    ["entries"]=>array(1) {
      [0]=>string(43) "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
    }
  }
  [1]=>array(6) {
    ["txt"]=>string(94) "atlassian-domain-verification=5YjTmWmjI92ewqkx2oXmBaD60Td9zWon9r6eakvHX6B77zzkFQto8PQ9QsKnbf4I"
    ["entries"]=>array(1) {
      [0]=>string(94) "atlassian-domain-verification=5YjTmWmjI92ewqkx2oXmBaD60Td9zWon9r6eakvHX6B77zzkFQto8PQ9QsKnbf4I"
    }
  }
  [2]=>array(6) {
    ["txt"]=>string(45) "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
    ["entries"]=>array(1) {
      [0]=>string(45) "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
    }
  }
  [3]=>array(6) {
    ["txt"]=>string(61) "onetrust-domain-verification=de01ed21f2fa4d8781cbc3ffb89cf4ef"
    ["entries"]=>array(1) {
      [0]=>string(61) "onetrust-domain-verification=de01ed21f2fa4d8781cbc3ffb89cf4ef"
    }
  }
  [4]=>array(6) {
    ["txt"]=>string(42) "apple-domain-verification=30afIBcvSuDV2PLX"
    ["entries"]=>array(1) {
      [0]=>string(42) "apple-domain-verification=30afIBcvSuDV2PLX"
    }
  }
  [5]=>array(6) {
    ["txt"]=>string(45) "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
    ["entries"]=>array(1) {
      [0]=>
      string(45) "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
    }
  }
  [6]=>array(6) {
    ["txt"]=>string(64) "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
    ["entries"]=>array(1) {
      [0]=>string(64) "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
    }
  }
  [7]=>array(6) {
    ["txt"]=>string(66) "webexdomainverification.8YX6G=6e6922db-e3e6-4a36-904e-a805c28087fa"
    ["entries"]=>array(1) {
      [0]=>string(66) "webexdomainverification.8YX6G=6e6922db-e3e6-4a36-904e-a805c28087fa"
    }
  }
  [8]=>array(6) {
    ["txt"]=>string(68) "google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveREV4oB-0Hf5o"
    ["entries"]=>array(1) {
      [0]=>string(68) "google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveREV4oB-0Hf5o"
    }
  }
  [9]=>array(6) {
    ["txt"]=>string(35) "v=spf1 include:_spf.google.com ~all"
    ["entries"]=>array(1) {
      [0]=>string(35) "v=spf1 include:_spf.google.com ~all"
    }
  }
  [10]=>array(6) {
    ["txt"]=>string(68) "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
    ["entries"]=>array(1) {
      [0]=>string(68) "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
    }
  }
  [11]=>array(6) {
    ["txt"]=>string(59) "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
    ["entries"]=>array(1) {
      [0]=>string(59) "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
    }
  }
}

DaanBaars · Answer 2 · Mon Feb 06 2023 19:08:24 GMT+0800 (China Standard Time)

I sended you an more detailed e-mail

Michele Locati · Answer 3 · Mon Feb 06 2023 23:02:59 GMT+0800 (China Standard Time)

dns_get_record() behaves rather strangely on the php:8.2-cli and php:8.2-cli-alpine docker images: I've reported this bug - see php/php-src#10518

Michele Locati · Answer 4 · Wed Feb 08 2023 05:36:12 GMT+0800 (China Standard Time)

I'm closing this issue because it seems that the problem resides in Docker for Windows: see docker/for-win#13122 (comment)