dnssec: log warning if dependency is missing

Calling dnssec.query() with missing "cryptography" dep behaves the same as if DNSSEC validation failed: validated=False will be returned. When used for openalias, we mandate validated=True.
2025-12-05 16:35:35 +00:00
parent cdcac8cb09
commit cf8c243bd9
1 changed files with 3 additions and 1 deletions
--- a/electrum/dnssec.py
+++ b/electrum/dnssec.py
@@ -30,6 +30,7 @@
 #  http://backreference.org/2010/11/17/dnssec-verification-with-dig/
 #  https://github.com/rthalley/dnspython/blob/master/tests/test_dnssec.py

+import logging

 import dns
 import dns.name
@@ -150,7 +151,8 @@ async def query(url: str, rtype: dns.rdatatype.RdataType) -> Tuple[dns.rrset.RRs
        out = await _get_and_validate(ns, url, rtype)
        validated = True
    except Exception as e:
-        _logger.info(f"DNSSEC error: {repr(e)}")
+        log_level = logging.WARNING if isinstance(e, ImportError) else logging.INFO
+        _logger.log(log_level, f"DNSSEC error: {repr(e)}")
        out = await dns.asyncresolver.resolve(url, rtype)
        validated = False
    return out, validated