https://bugs.exim.org/show_bug.cgi?id=3177
Bug ID: 3177
Summary: Usage of Net::DNS::Resolver fails with 4.99
Product: Exim
Version: 4.99
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Perl
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
We are using a Perl script that looks up onion domains to be routed over Tor.
It is explained in detail here: https://tech.immerda.ch/2016/12/ehlo-onion/ and
has worked over the last years without any issues.
With the upgrade to 4.99, looking up the IP for the onion IP suddenly fails.
Nothing else changed.
Downgrading to 4.98 makes it work again.
Essentially, the following Perl routine is in use (I added the log_write
statements for debugging purposes):
    use Net::DNS::Resolver;

    sub onionLookup {
        my $hostname = shift;
        Exim::log_write("perl hostname: " . $hostname);

        # Resolver pointed at the local nameserver on 127.0.0.1, port 5300
        my $res = Net::DNS::Resolver->new(nameservers => [qw(127.0.0.1)],);
        $res->port(5300);

        my $query = $res->search($hostname);
        Exim::log_write("perl query " . $query);

        # Return the first A record, if the lookup produced an answer
        if ($query) {
            foreach my $rr ($query->answer) {
                next unless $rr->type eq "A";
                return $rr->address;
            }
        }
        return 'no_such_host';
    }
When trying to debug the lookup the following logs are seen:
    lookup yielded: aj3nsqqcksrrc5cye5etjsoewz6jrygpekzwoko3q6wyxjlb3dgasfid.onion
    LOG: MAIN
      perl hostname: aj3nsqqcksrrc5cye5etjsoewz6jrygpekzwoko3q6wyxjlb3dgasfid.onion
    DNS lookup of aj3nsqqcksrrc5cye5etjsoewz6jrygpekzwoko3q6wyxjlb3dgasfid.onion (?) gave HOST_NOT_FOUND
    returning DNS_NOMATCH
    faking res_search(?) response length as 65535
    writing neg-cache entry for aj3nsqqcksrrc5cye5etjsoewz6jrygpekzwoko3q6wyxjlb3dgasfid.onion-?-2c1, ttl 3600
    LOG: MAIN
      perl query
    original list of hosts = 'no_such_host' options = ''
    expanded list of hosts = 'no_such_host' options = ''
    set transport 'onion_relay'
    finding IP address for no_such_host
We can see that the right hostname was passed; however, the DNS lookup immediately
fails with HOST_NOT_FOUND / DNS_NOMATCH.
There is also *no* traffic on the loopback device on port 5300 (tcpdump -nn -i lo
port 5300).
With 4.98 we can see traffic passing through.
I could not find anything related to Perl subroutines in the changelog of 4.99.
However, I can see certain Perl-related changes in the code due to the SPF_PERL
integration, and there is especially this code, which seems to overwrite the
Net::DNS::Resolver->send method:
https://github.com/Exim/exim/commit/040f2adb90030450c5aa0a2ce4e8ab529b96bf63#diff-6a2f7d0f079067d5fa4f15c2db755783e723dcaecb9511b72a71ed942245c37cR134-R161
And since Net::DNS::Resolver->query uses send to do the effective query, it
seems to me that this means that any Net::DNS::Resolver->query will now go
over the Exim DNS subsystem without any possibility to configure e.g. the port or so.
Also, as far as I understand the code, although SPF PERL support is optional,
the Perl patching part always happens.
=> Exim changes the way DNS lookups are done in Perl code and it doesn't
seem possible to define a port or so for the DNS lookup.
System: CentOS Stream 9 - exim installed through EPEL packages.
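
The mechanism the report suspects, shown as an added example that is not the reporter's script, Net::DNS, or Exim code: constructed stand-in classes demonstrate how replacing a class's send method makes a per-object port setting ineffective, and how the core B module reports where a method's code was compiled. The names Demo::Resolver, method_origin and lookup are hypothetical.

```perl
#!/usr/bin/perl
# Added example: constructed stand-in classes, not Net::DNS or Exim code.
use strict;
use warnings;
use B ();

# Stand-in for a resolver library: search() delegates to send(), and send()
# honours the per-object nameserver and port settings.
package Demo::Resolver::Base {
    sub new    { my ($class, %args) = @_; return bless({ port => 53, %args }, $class) }
    sub port   { my ($self, $p) = @_; $self->{port} = $p if defined $p; return $self->{port} }
    sub search { my ($self, $name) = @_; return $self->send($name) }
    sub send   { my ($self, $name) = @_; return "asked $self->{nameservers}[0]:$self->{port} for $name" }
}
package Demo::Resolver { our @ISA = ('Demo::Resolver::Base') }

package main;

# Report the package, name and file in which a method's code was compiled.
sub method_origin {
    my ($class, $method) = @_;
    my $code = $class->can($method) or return "no such method";
    my $cv   = B::svref_2object($code);
    return sprintf '%s::%s (%s)', $cv->GV->STASH->NAME, $cv->GV->NAME, $cv->FILE;
}

# Same call pattern as the routine in the report: custom nameserver and port.
sub lookup {
    my $res = Demo::Resolver->new(nameservers => ['127.0.0.1']);
    $res->port(5300);
    return $res->search('example.onion');   # constructed sample name
}

print "before: ", method_origin('Demo::Resolver', 'send'), "\n";
print "        ", lookup(), "\n";

# Stand-in for a host application replacing send() for every caller.
{
    no warnings 'once';
    *Demo::Resolver::send = sub { my ($self, $name) = @_; return "host DNS subsystem asked for $name" };
}

# The origin is now an anonymous sub compiled in main, and port 5300 is ignored.
print "after:  ", method_origin('Demo::Resolver', 'send'), "\n";
print "        ", lookup(), "\n";
```

The method_origin helper takes any class and method name, so its result can be passed to Exim::log_write from an embedded Perl routine to record where a method's code is coming from.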