-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"DNS leak" bug in http proxy mode #84
Comments
default mode proxy will try access domain directly, if failed then access it through parent , you can prevent it by two ways,1:add |
this is very bad idea for default mode,, 👎 The execute of the client with the argument |
--always means client forward all raw request to parent with no resolve in client , you may have some mistake |
this is my server on remote computer in another country: this is my client in my personal computer: i run this command on my oersonal computer: and this is my sniff date on personal computer: client side proxy (with --always argument) send dns packet for solving domain name where is my mistake? :( |
the client and server log is? |
it is firefox useing proxy problem,see:https://www.reddit.com/r/linuxquestions/comments/7slstp/proxy_dns_when_using_socks5_not_adhered_to_when/ , if you can find which program send A query ,it wiil be firefox not proxy. you can fix that by above link page. Only Socks v5 (not v4) supports DNS proxy on Firefox and you must also tick the checkbox "Proxy DNS when using SOCKS v5" at the bottom of the network settings screen. |
:||| I have not any problem with another http(s) proxy |
show the server log output,when exec curl. |
my client: curl command when open
My clinet Logs:
2018/05/23 16:35:25 use tls parent SERVER_IP:10801 SERVER Logs when open abc.efg:./proxy http -t tls -p ":10801" -C proxy.crt -K proxy.key --forever -z "S"2018/05/23 12:05:18 worker ./proxy [PID] 10556 running...
2018/05/23 12:05:18 tls http(s) proxy on [::]:10801 SERVER Logs when open google.com:./proxy http -t tls -p ":10801" -C proxy.crt -K proxy.key --forever -z "S"2018/05/23 12:10:32 worker ./proxy [PID] 10586 running...
2018/05/23 12:10:45 CONNECT:google.com:443 and i sniff two DNS request on my client side for resolving doman name thank you |
no matter what ever,the server log means that the abc.efg requested by server and dns also |
i found line of this bug: Line 232 in bfcc27e
this line execute before check
then: solation: check thank you |
This problem solved at commit 5c9fc85 on |
blow commands initiation http(s) proxy
all is good,,
but client listener have "DNS leak" bug,, for example if we request :
curl -x "127.0.0.1:5656" "https://abc.def/"
we can see "adc.def" host name resolve in client side!!!
this line have problem(maybe):
goproxy/services/http.go
Line 101 in 482977a
The text was updated successfully, but these errors were encountered: