sorry, the quote was wrong. the stale cache issue is confirmed fixed with the patch.
i meant to quote this: *I think I've found and fixed the problem, but I don't have a macOS machine to test with, nor have a I configured a DOH proxy, so I'd appreciate it if you could re-run your tests and see if it works with the patch in place.https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d774add784d01c8346b271e8fb5cbedc44d7ed08 <https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d774add784d01c8346b271e8fb5cbedc44d7ed08>Thanks for the very useful bug report.Cheers,Simon.* On Tue, May 2, 2023 at 15:01 Justin <cattyho...@gmail.com> wrote: > Hello Simon > > *Reply your message * > > > > > > > > > > > > > > *Thanks for the report. I've just pushed a code change which improves > the checking of received packets to conform better with section > 15.https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=7500157cff8ea28ab03e6e62e0d1575e4d01746b > <https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=7500157cff8ea28ab03e6e62e0d1575e4d01746b>Out > of interest, did this cause problems in a real installation, or were you > running a test suite?Cheers,Simon.* > > > *I've cloned the latest git repo and build it and tested, the issue is > fixed. thank you.* > > > > *On Tue, May 2, 2023 at 13:23 Justin <cattyho...@gmail.com > <cattyho...@gmail.com>> wrote:* > >> *it turns out, after sending stale cache to client (macOS), dnsmasq >> tries to query upstream, but this time, it is sending malformed packet: * >> >> *Queries* >> >> *api.github.com <http://api.github.com>: type A, class IN* >> >> *Name: api.github.com <http://api.github.com>* >> >> *[Name Length: 14]* >> >> *[Label Count: 3]* >> >> *Type: A (Host Address) (1)* >> >> *Class: IN (0x0001)* >> >> *Additional records* >> >> *[Malformed Packet: DNS]* >> >> *[Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]* >> >> *[Malformed Packet (Exception occurred)]* >> >> *[Severity level: Error]* >> >> *and all the rest of query are sent to upstream like that.* >> >> *notice: only reproducable if the client is macOS, and upstream is a >> DoH/DoT proxy like adguard/dnsproxy * >> >> >> >> *On Mon, May 1, 2023 at 03:42 Justin <cattyho...@gmail.com >> <cattyho...@gmail.com>> wrote:* >> >>> >>> *Hello devs* >>> >>> *in order to use DOH/DOT, a proxy upstream is configured, when dnsmasq >>> enables use-stale-cache, some upstream may return error when dnsmasq tries >>> to refresh the record from upstream after stale cache is sent to client. * >>> >>> *i reported the issue here in dnsproxy project, as this is the DOH proxy >>> i am currently using. however i've tried many other Go/Rust DOH proxy ( >>> namely doh-client, dns-over-https, dnss, cloudflared) , they all return >>> error when dnsmasq tries to refresh the record.* >>> >>> *https://github.com/AdguardTeam/dnsproxy/issues/328* >>> <https://github.com/AdguardTeam/dnsproxy/issues/328> >>> >>> *only reproducible : if the requesting client is macOS and the upstream >>> is a DOH proxy, Linux does not have this issue. using a udp upstream like >>> 1.1.1.1 does not have this issue either.* >>> >>> *hope you could take a look at the issue posted.* >>> >> >> *-- * >> >> >> *RegardsJustin He* >> > -- > > Regards > Justin He > -- Regards Justin He
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
