Domain in binary format even when not set. about iodine HOT 6 CLOSED

The client automatically tests different encodings when logging in, to find the most efficient way to send data upstream.

See https://github.com/yarrick/iodine/blob/master/src/client.c#L1601

The -O flag controls downstream codec (server -> client). There is currently no flag for forcing a specific upstream codec.

What do you mean with "I've started the client to not run in binary format." ? I guess raw mode.

from iodine.

The query you see is still a valid DNS query (testing the limits of validation). If raw mode is used then it is just sending the raw packets instead, and the domain name you use will not be included anywhere.

from iodine.

Why do you think that the query is valid if the domain does not meet the domain name standard. To my knowledge characters like ? and @ are not permitted in a domain name.

from iodine.

Because if it works, transfers from the client to the server will be twice as fast. If you saw these domain names in the server, that means that it worked (or that you have no intermediate servers).

DNS server(s) between the client and the server only need to parse the end of the domain name - they just need enough to find the server to send it to. So the end of the domain name is still valid.

from iodine.

I understand this.

Would it be possible to disable this behaviour and decrease the performance in order to get domains that are "parseble". In the sense that tools like tcpdump might get those domains in a human readable domain names?

The reason I'm asking for this is that I'd like to build a dns tunneling classifier and I'd need some domains for that.

from iodine.

You can still parse domain names. They are encoded with length first, and then that many bytes, then repeat, following jumps for compression and ending when length is zero.

I will not change the code, but you can test with skipping parts of handshake_upenc_autodetect() in src/client.c

from iodine.