linkted / doh-client Goto Github PK
View Code? Open in Web Editor NEWDNS over HTTPS client
License: BSD 3-Clause "New" or "Revised" License
DNS over HTTPS client
License: BSD 3-Clause "New" or "Revised" License
For some time client worked. But after some system updates and/or reboot, it stopped.
Client version is 2.1.0
> /usr/bin/doh-client --listen-activation /etc/ca-certificates/extracted/tls-ca-bundle.pem
[ERROR doh_client] Cannot listen to UDP address file descriptor 3: Invalid argument (os error 22)
> uname -a
Linux manjaro 4.19.106-1-MANJARO #1 SMP Mon Feb 24 08:17:18 UTC 2020 x86_64 GNU/Linux
Hello!
I tried doh-client
and got following errors:
ERROR [doh_client::http2] GetResponse: DNS parser error: TooMuchData
Hi!
I use doh-client
on slow network and it works well, but there are plenty of error messages like:
ERROR [doh_client::http2] send_request: protocol error: not a result of an error
What does it mean? Is it because of my slow network or something else?
build
cargo b -r --no-default-features
command
./doh-client --get --cache-size 0 --listen-addr 127.0.0.1:9999 --domain dns.google --remote-host 8.8.8.8:443 /etc/ssl/cert.pem
dig @127.0.0.1 -p 9999 ocf.berkeley.edu
error message
[ERROR doh_client::handler] Could not retrieve DNS response from server: H2 Error: stream error received: not a result of an error
[ERROR doh_client::run] Could not handle request: Could not get response for: Dns { id: 64443, flags: Flags { qr: false, opcode: Query, aa: false, tc: false, rd: true, ra: false, ad: true, cd: false, rcode: NoError }, questions: [Question { domain_name: DomainName([Label("ocf"), Label("berkeley"), Label("edu")]), q_class: IN, q_type: A }], answers: [], authorities: [], additionals: [OPT(OPT { requestor_payload_size: 1232, extend_rcode: 0, version: 0, dnssec: false, edns_options: [Cookie(Cookie { client_cookie: [83, 150, 55, 76, 62, 1, 26, 211], server_cookie: None })] })] }
Note:
Reference:
Hi, I'm very interested in using your software to setup a private DoH Client.
However, when I try to start your doh client using client-side authentication i've got some problems.
For that I have:
sudo ./doh-client /path/to/client/cert.pem -d dns.example.net -r DNSIP:443
Additional info:
So my question is: is it possible to do what i'm trying to do with your DoH client?, did I miss something necessary to configure it well?
Thank you very much for your help.
Ivan Martinez.
IMT Atlantique
Hello!
First of all: this project is great. I came across it from the archlinux wiki and have started running it locally as my ISP appears to block DoT - let 'em try to block this!
I've been using the OpenNIC servers, which can be a touch unreliable. It can take a couple of queries for them to manage to get responses back. I realise this is an issue for them, really, but I'm wondering if doh-client
might include configuration for retrying a specific number of queries with a time between them. Something like this:
[[upstream.upstream_ietf]]
url = "..."
weight = 50
retry_attempts = 5
retry_interval = 1
If it is a non-starter, don't worry - it is on me to choose more reliable servers, or maybe try to contribute to the OpenNIC project to solve my own problem. But if you can help it'd be great.
Cheers
John
Hi, I'm very interested in using your DoH client, however, I have got a problem when trying to install your software on Linux.
I did everything as suggested in the README file: compile, copying the binary and the config files to the respective locations.
Then when I try to start the service with systemctl sart doh-client, i have this error at the log:
/usr/bin/doh-client: error while loading shared libraries: libgcc_s.so.1: cannot stat shared object: Operation not permitted
Aditional info:
marino@marino-PC:~$ ldconfig -p | grep libgcc_s.so.1
libgcc_s.so.1 (libc6,x32) => /usr/libx32/libgcc_s.so.1
libgcc_s.so.1 (libc6,x86-64) => /lib/x86_64-linux-gnu/libgcc_s.so.1
libgcc_s.so.1 (libc6) => /lib/i386-linux-gnu/libgcc_s.so.1
libgcc_s.so.1 (libc6) => /usr/lib32/libgcc_s.so.1
Do you have any idea why i'm getting this?,
Thank you very much.
Ivan Martinez
IMT Atlantique
I built doh-client 3.1.2 on my Tiny Core Linux laptop.
On the laptop the client works fine.
When I try running it on my router (which uses same version of Tiny Core Linux), I am unable to start the client:
$ sudo doh-client
[ERROR doh_client] Could not start doh-client: IO Error: Could not add any certificates
The client does not have a verbose mode. I'm stuck, not sure how to troubleshoot this. Any ideas?
program verion 3.1.2, after some system updates i am getting:
-> sudo systemctl status doh-client
× doh-client.service - DNS over HTTPS client
Loaded: loaded (/usr/lib/systemd/system/doh-client.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Sat 2022-10-08 16:20:13 CEST; 2s ago
Duration: 59ms
TriggeredBy: ● doh-client.socket
Process: 25424 ExecStart=/usr/bin/doh-client --remote-host 1.0.0.1:443 --listen-activation (code=exited, status=101)
Main PID: 25424 (code=exited, status=101)
CPU: 59ms
oct 08 16:20:12 linux-pc systemd[1]: Started DNS over HTTPS client.
oct 08 16:20:13 linux-pc doh-client[25424]: thread 'main' panicked at 'OS can't spawn worker thread: Operation not permitted (os error 1)', /home/linux/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.19.2/src/runtime/blocking/pool.rs:264:29
oct 08 16:20:13 linux-pc doh-client[25424]: note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
oct 08 16:20:13 linux-pc systemd[1]: doh-client.service: Main process exited, code=exited, status=101/n/a
oct 08 16:20:13 linux-pc systemd[1]: doh-client.service: Failed with result 'exit-code'.
Thank you for this amazing project!
doh-client fails to keep running under Address unreachable network outage
OS: Arch Linux
here's journalctl -eu doh-client
сен 11 14:31:33 okcomputer systemd[1]: Started DNS-over-HTTPS Client.
сен 11 14:31:33 okcomputer doh-client[901]: 2023/09/11 14:31:33 Get "https://1.1.1.1/dns-query?ct=application/dns-message&dns=AAABAAABAAAAAAABBnJlbGF5>
сен 11 14:31:33 okcomputer doh-client[901]: 2023/09/11 14:31:33 Get "https://1.1.1.1/dns-query?ct=application/dns-message&dns=AAABAAABAAAAAAABBnJlbGF5>
сен 11 14:31:33 okcomputer doh-client[901]: 2023/09/11 14:31:33 Get "https://1.1.1.1/dns-query?ct=application/dns-message&dns=AAABAAABAAAAAAABBnJlbGF5>
сен 11 14:31:33 okcomputer doh-client[901]: 2023/09/11 14:31:33 Get "https://1.1.1.1/dns-query?ct=application/dns-message&dns=AAABAAABAAAAAAABBnJlbGF5>
сен 11 14:31:36 okcomputer doh-client[901]: 2023/09/11 14:31:36 Get "https://1.1.1.1/dns-query?ct=application/dns-message&dns=AAABAAABAAAAAAABBHBpbmcJ>
сен 11 14:31:36 okcomputer doh-client[901]: 2023/09/11 14:31:36 Get "https://1.1.1.1/dns-query?ct=application/dns-message&dns=AAABAAABAAAAAAABBHBpbmcJ>
сен 11 14:31:36 okcomputer systemd[1]: Stopping DNS-over-HTTPS Client...
сен 11 14:31:36 okcomputer systemd[1]: doh-client.service: Deactivated successfully.
сен 11 14:31:36 okcomputer systemd[1]: Stopped DNS-over-HTTPS Client.
сен 11 14:31:36 okcomputer systemd[1]: Started DNS-over-HTTPS Client.
сен 11 14:31:36 okcomputer systemd[1]: Stopping DNS-over-HTTPS Client...
сен 11 14:31:36 okcomputer systemd[1]: doh-client.service: Deactivated successfully.
сен 11 14:31:36 okcomputer systemd[1]: Stopped DNS-over-HTTPS Client.
сен 11 14:31:36 okcomputer systemd[1]: Started DNS-over-HTTPS Client.
сен 11 14:31:36 okcomputer systemd[1]: Stopping DNS-over-HTTPS Client...
сен 11 14:31:36 okcomputer systemd[1]: doh-client.service: Deactivated successfully.
сен 11 14:31:36 okcomputer systemd[1]: Stopped DNS-over-HTTPS Client.
сен 11 14:31:36 okcomputer systemd[1]: Started DNS-over-HTTPS Client.
сен 11 14:31:41 okcomputer systemd[1]: Stopping DNS-over-HTTPS Client...
сен 11 14:31:41 okcomputer systemd[1]: doh-client.service: Deactivated successfully.
сен 11 14:31:41 okcomputer systemd[1]: Stopped DNS-over-HTTPS Client.
сен 11 14:31:41 okcomputer systemd[1]: Started DNS-over-HTTPS Client.
сен 11 14:31:41 okcomputer systemd[1]: Stopping DNS-over-HTTPS Client...
сен 11 14:31:41 okcomputer systemd[1]: doh-client.service: Deactivated successfully.
сен 11 14:31:41 okcomputer systemd[1]: Stopped DNS-over-HTTPS Client.
сен 11 14:31:41 okcomputer systemd[1]: doh-client.service: Start request repeated too quickly.
сен 11 14:31:41 okcomputer systemd[1]: doh-client.service: Failed with result 'start-limit-hit'.
сен 11 14:31:41 okcomputer systemd[1]: Failed to start DNS-over-HTTPS Client.
# Here I restart it manually and it starts working fine
сен 11 19:08:26 okcomputer systemd[1]: Started DNS-over-HTTPS Client.
Tell me if any additional info is needed, thanks
I'm getting these errors on Fedora 35 with AdGuard Home stable running behind nginx:
[ERROR doh_client::remote::helper] HTTP2 connection close: connection error detected: frame with invalid size
[ERROR doh_client::handler] Could not retrieve DNS response from server: H2 Error: connection error detected: frame with invalid size
[ERROR doh_client::run] Could not handle request: Could not get response for: Dns *debug print of Dns struct*
(I'm using the cache flag to make sure that's not the cause and timeout/retries flags to speed it up until I get it working)
Am I doing this wrong? It works on my iPhone
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.