Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsdist: grepq returns garbage for DNSCrypt-encrypted responses #5566

Closed
rgacogne opened this issue Aug 1, 2017 · 0 comments · Fixed by #5580
Closed

dnsdist: grepq returns garbage for DNSCrypt-encrypted responses #5566

rgacogne opened this issue Aug 1, 2017 · 0 comments · Fixed by #5580
Assignees
@rgacogne
Labels
defect dnsdist
Milestone
dnsdist-1.2.0

Comments

@rgacogne
Copy link
Member

rgacogne commented Aug 1, 2017

  • Program: dnsdist
  • Issue type: Bug report

Short description

As reported by @bjoe2k4 on IRC (thanks), grepq() returns strange results for DNSCrypt-encrypted responses. It looks like the pointer we use to insert the DNS header into our response ring buffer points the DNSCrypt response, and not to the actual response from the backend anymore, meaning we would be reading the resolver magic and part of the nonce instead of the actual DNS header.
@rgacogne rgacogne added this to the dnsdist-1.2.0 milestone Aug 1, 2017
@rgacogne rgacogne self-assigned this Aug 1, 2017
@rgacogne rgacogne changed the title dnsdist: grepq returns garbage for DNSCrypt-ecnrypted responses dnsdist: grepq returns garbage for DNSCrypt-encrypted responses Aug 1, 2017
@rgacogne rgacogne mentioned this issue Aug 4, 2017
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rgacogne rgacogne

Labels
defect dnsdist
Projects
None yet
Milestone
dnsdist-1.2.0
Development

Successfully merging a pull request may close this issue.

dnsdist: Copy the DNS header before encrypting it in place rgacogne/pdns
1 participant
@rgacogne