Cannot use DoH DNS server that use HTTP/1.1 since updating to version 4.3

[rivershang]

Please answer the following questions for yourself before submitting an issue.

• I am running the latest version
• I checked the documentation and found no answer
• I checked to make sure that this issue has not already been filed

AdGuard version

4.3.1

Environment

- OS: Android 13
- Device: OnePlus

Root access

• Yes, I have it.

What filters do you have enabled?

No response

What Stealth Mode options do you have enabled?

No response

Issue Details

Steps to reproduce:

1. Updated AdGuard from version 4.2 to version 4.3 or the latest version 4.3.1 released today 28th Dec. 2023.
2. Use the custom DoH DNS server that use HTTP/1.1 under DNS protection -> DNS server and the Fallback upstreams set to Automatic DNS under Low-lever settings -> DNS protection.
3. Start AdGuard and lunch any app to surf on the Internet.

Expected Behavior

Adguard should use the DoH DNS server: the DNS upstream should be showed the desired DoH DNS server of DNS request details in Recent activity like order version before 4.3, e.g. version 4.2.

Actual Behavior

The DNS upstream will be showed the Automatic DNS server instead of the desired DoH DNS server of DNS request details after checking it in Recent activity.

Screenshots

Screenshot 1:

Additional Information

It has following error log in the file adguard.log after setting the Logging level to Debug and exported it then check it:

22:29:41.181 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - TLS session cache get_session: Session cache for https://xxx/dns-query is empty
22:29:41.185 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - UdpSocket on_read: Read error: connection refused
22:29:41.226 [Thread-697] DEBUG c.a.d.proxy.DnsProxy$EventsAdapter - Certificate verification took 8ms
22:29:41.228 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - DOH upstream establish_any_of_connections: [76] [635-h2] Selected protocol
22:29:41.229 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - DOH upstream exchange: [76] [635-h2] [21119] Assigned stream id: 1
22:29:41.229 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - DOH upstream exchange: [76] [635-h2] [62482] Assigned stream id: 3
22:29:41.229 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - DOH upstream exchange: [76] [635-h2] [28806] Assigned stream id: 5
22:29:41.230 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - DOH upstream exchange: [76] [635-h2] [17412] Assigned stream id: 7
22:29:41.240 [tcpip-stack-run-pool-163-thread-1] DEBUG Native - TCPIP.TCPMNGR: [LWIP id=399] new TCP connection IP address -> IP address
22:29:41.242 [tcpip-stack-events-pool-162-thread-1] DEBUG u.c - Sockets count increased on 1, total count: 8

22:29:41.251 [Thread-694] DEBUG o1.a$c - Request 'protect socket' received in the Proxy server, descriptor=115
22:29:41.252 [Thread-694] DEBUG c.a.a.service.vpn.LocalVpnService - The socket with descriptor 115 has been protected successfully
22:29:41.253 [Thread-694] DEBUG Native - AGFDVSocketFactory: [IP address] operator()(): Connecting to: [IP address]:80
22:29:41.266 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - TLS session cache save_session: Session saved, 1 sessions available for https://xxx/dns-query
22:29:41.266 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - TLS session cache save_session: Session saved, 2 sessions available for https://xxx/dns-query
22:29:41.298 [Thread-697] DEBUG com.adguard.dnslibs.proxy.DnsProxy - H2 on_error: [151] Remote peer returned unexpected data while we expected SETTINGS frame. Perhaps, peer does not support HTTP/2 properly.

[maxikuzmin]

@rivershang I checked this on my device, but I don't have this repeated. Could you please be more specific as to what dns you are using?

[maxikuzmin]

@rivershang have you tried repeating this with other dns? Does it repeat with other dns?

[rivershang]

@rivershang I checked this on my device, but I don't have this repeated. Could you please be more specific as to what dns you are using?

Hi @maxikuzmin Yes, you can try it: https://doh.apad.pro/dns-query. Please test it in mainland China network environment like using source IP or proxy server from mainland China as it's not pure HTTP/1.1 if you test it from outside of mainland China according to the maintainer. Thus it may not be reproducible.

[rivershang]

@rivershang have you tried repeating this with other dns? Does it repeat with other dns?

I have tried other DNS like AdGuard DoH without such issue.

[maxikuzmin]

@rivershang unfortunately I have no way to reproduce this in a mainland China network environment. Do I need to be specifically on the Chinese network or can it be sufficient to connect to a China location?

[rivershang]

@maxikuzmin You need to be specifically on the mainland China network in order to reproduce it as it's not pure HTTP/1.1 if you test it from outside of mainland China, that means it doesn't work as it only support HTTP/1.1 while using it within mainland China and works sometimes when you use it outside of mainland China as it also support HTTP/2 in such situation.

[maxikuzmin]

@rivershang in that case just use a different DNS. I checked this via proxy, requests go through 2.0 and through 1.1. We'll look into this problem