From d661c86302c9bbb27d3521b46d1bf4f4e8fc9b3e Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 14 Jan 2025 10:42:37 +0100
Subject: [PATCH] dnsdist: Improve error messages on security polling failures

---
 pdns/dnsdistdist/dnsdist-secpoll.cc | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/pdns/dnsdistdist/dnsdist-secpoll.cc b/pdns/dnsdistdist/dnsdist-secpoll.cc
index 213b43f436..fb2472dabf 100644
--- a/pdns/dnsdistdist/dnsdist-secpoll.cc
+++ b/pdns/dnsdistdist/dnsdist-secpoll.cc
@@ -101,7 +101,11 @@ static std::string getSecPollStatus(const std::string& queriedName, int timeout=
 
   const auto& resolversForStub = getResolvers("/etc/resolv.conf");
 
-  for(const auto& dest : resolversForStub) {
+  if (resolversForStub.empty()) {
+    throw std::runtime_error("No resolver to query to check for Security Status update");
+  }
+
+  for (const auto& dest : resolversForStub) {
     Socket sock(dest.sin4.sin_family, SOCK_DGRAM);
     sock.setNonBlocking();
     sock.connect(dest);
@@ -155,7 +159,7 @@ static std::string getSecPollStatus(const std::string& queriedName, int timeout=
 
       /* no need to try another resolver if the domain does not exist */
       if (d.rcode == RCode::NXDomain) {
-        throw std::runtime_error("Unable to get a valid Security Status update");
+        throw std::runtime_error("Unable to get a valid Security Status update, domain does not exist");
       }
       continue;
     }
-- 
2.47.2