Can confirm that the dns logs indicate that systemd-resolved is not
falling back from UDP+EDNS0 to UDP in response to these NXDOMAIN
answers.
The existing patch only implements this fallback when the portal name
being looked up includes 'secure' as a substring:
+ if (DNS_PACKET_RCODE(p) == DNS_RCODE_NXDOMAIN &&
t->current_feature_level >= DNS_SERVER_FEATURE_LEVEL_EDNS0) {
+
+ char key_str[DNS_RESOURCE_KEY_STRING_MAX];
+ dns_resource_key_to_string(t->key, key_str, sizeof
key_str);
+ if (strstr(key_str, "secure") != NULL) {
+ t->current_feature_level =
t->current_feature_level - 1;
+
+ log_warning("Server returned error %s,
suspecting DNS violation DVE-2018-0001, retrying transaction with reduced
feature level %s.",
The packet capture shows a number of DNS lookups, but not containing the
substring 'secure'; and none that appear to correspond to the captive
portal itself. This may require a different sort of solution than the
previous bug, I'm not sure.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1766969
Title:
DNS cannot be resolved in Hotel Hotspot
Status in systemd package in Ubuntu:
Confirmed
Bug description:
I was asked to create a new bug for this in
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1727237 as it
seems to be a different issue.
I have installed the nightly image of Kubuntu Bionic from 25th of
April.
There systemd is in version 237-3ubuntu10.
When connecting to the wifi hotspot in my hotel (Quality Hotel
Augsburg) I cannot open the hotspot landing page that should give me
access to the WIFI. With Windows and on an Iphone it's working.
For the following distributions I can confirm it not working:
Kubuntu 17.10
Kubuntu 18.04 (nightly image 25th of April 2018)
The logs were taken on 18.04.
Workaround:
sudo systemctl disable systemd-resolved.service
sudo service systemd-resolved stop
sudo rm /etc/resolv.conf
sudo nano /etc/NetworkManager/NetworkManager.conf
>> add "dns=default" under [main]
sudo service network-manager restart
Then I can connect to the WIFI and I see the login page in Firefox.
To capture some data I did the following:
- connect to Hotspot
- enter golem.de
Case 1: Fresh default Kubuntu install
With a default Kubuntu install it does not work. I can connect to the WIFI
and get IP and DNS from DHCP but I cannot resolve any hostname. When trying to
open the router ip directly in the browser it forwards to hotsplots.de which
cannot be resolved.
Case 2: With aforementioned Workaround
I connect to the wifi, I open firefox and the login page shows up (if I
havent been connected yet. In the capture I already was able to connect to the
hotspot which allows immediately to connect to the webpage)
PS: I'll be in this hotel till Friday 27th if more information are
required.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1766969/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
