[Touch-packages] [Bug 1995260] Re: dnsmasq focal 2.80 NODATA instead of NXDOMAIN bug

Mon, 05 Dec 2022 02:41:39 -0800 

This bug was fixed in the package dnsmasq - 2.80-1.1ubuntu1.6

---------------
dnsmasq (2.80-1.1ubuntu1.6) focal; urgency=medium

  * src/cache.c: Apply 162e5e0062ce923c494cc64282f293f0ed64fc10 from
    upstream GIT to fix bug in DNS non-terminal code, added in 2.80,
    which could sometimes cause a NODATA rather than an NXDOMAIN
    reply (LP: #1995260).

 -- Miriam España Acebal <[email protected]>  Tue, 15 Nov 2022
10:35:15 +0100

** Changed in: dnsmasq (Ubuntu Focal)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/1995260

Title:
  dnsmasq focal 2.80 NODATA instead of NXDOMAIN bug

Status in dnsmasq package in Ubuntu:
  Fix Released
Status in dnsmasq source package in Focal:
  Fix Released

Bug description:
  [SRU]

  [ Impact ]

  Sometimes dnsmasq is incorrectly returning NODATA instead of NXDOMAIN.
  This can lead to erroneous actions by clients who need to determine
  whether a domain name exists or not.

  [ Test Plan ]

  In a focal VM, install dnsmasq (apt install dnsmasq) if it wasn't
  installed yet.

  #0 Disabling systemd-resolved service and enabling resolution through
  dnsmasq.

  # systemctl disable --now systemd-resolved.service
  # rm -f /etc/resolv.conf
  # cat > /etc/resolv.conf << __EOF__
  nameserver 8.8.8.8
  __EOF__
  # systemctl start dnsmasq.service

  #1 Bad case

  # for i in srv txt aaaa a aaaa a txt srv; do host -t $i test.foo. 127.0.0.1 | 
tail -n 1; done
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  test.foo has no A record
  Host test.foo. not found: 3(NXDOMAIN)
  test.foo has no A record
  test.foo has no TXT record
  test.foo has no SRV record

  #2 Good case

  #2.1 Installing new package

  # ls -1 *.deb
  dnsmasq-utils_2.80-1.1ubuntu1.6_amd64.deb
  dnsmasq-base_2.80-1.1ubuntu1.6_amd64.deb
  dnsmasq_2.80-1.1ubuntu1.6_all.deb

  # dpkg -i *.deb
  (Reading database ... 32073 files and directories currently installed.)
  Preparing to unpack dnsmasq-base_2.80-1.1ubuntu1.6_amd64.deb ...
  Unpacking dnsmasq-base (2.80-1.1ubuntu1.6) over (2.80-1.1ubuntu1.5) ...
  Selecting previously unselected package dnsmasq-utils.
  Preparing to unpack dnsmasq-utils_2.80-1.1ubuntu1.6_amd64.deb ...
  Unpacking dnsmasq-utils (2.80-1.1ubuntu1.6) ...
  Preparing to unpack dnsmasq_2.80-1.1ubuntu1.6_all.deb ...
  Unpacking dnsmasq (2.80-1.1ubuntu1.6) over (2.80-1.1ubuntu1.5) ...
  Setting up dnsmasq-base (2.80-1.1ubuntu1.6) ...
  Setting up dnsmasq-utils (2.80-1.1ubuntu1.6) ...
  Setting up dnsmasq (2.80-1.1ubuntu1.6) ...
  Processing triggers for dbus (1.12.16-2ubuntu2.3) ...
  Processing triggers for man-db (2.9.1-1) ...
  Processing triggers for systemd (245.4-4ubuntu3.18) ...

  # dpkg -l | grep dnsmasq
  ii  dnsmasq                        2.80-1.1ubuntu1.6                 all      
    Small caching DNS proxy and DHCP/TFTP server
  ii  dnsmasq-base                   2.80-1.1ubuntu1.6                 amd64    
    Small caching DNS proxy and DHCP/TFTP server
  ii  dnsmasq-utils                  2.80-1.1ubuntu1.6                 amd64    
    Utilities for manipulating DHCP leases

  #2.2 Testing OK

  # for i in srv txt aaaa a aaaa a txt srv; do host -t $i test.foo. 127.0.0.1 | 
tail -n 1; done
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)
  Host test.foo. not found: 3(NXDOMAIN)

  [ Where problems could occur ]

  It changes the program's behaviour by classifying as NXDOMAIN what
  used to be NODATA in some situations, so if a user had a workaround
  for this (in the form of a script or other kind of automatization) it
  will probably start to malfunction.

  The last rebuilding of the package for Focal was in May, so if any new
  dependencies or libs have been upgraded on this Ubuntu series this can
  impact the new rebuild.

  [ Other Info ]

  The patch is applied upstream and originated from a bug filed on
  Fedora side: https://bugzilla.redhat.com/show_bug.cgi?id=1674067

  [Original Report]
  ---------------------------------------------------
  We upgraded our openstack containers which host dnsmasq services from bionic 
to focal. With this we got an update of dnsmasq from 2.79 to 2.80 which 
introduced a bug in our setup where dnsmasq returns NODATA instead of NXDOMAIN.

  This is already fixed upstream with the following commit [1].

  The Ubuntu dnsmasq 2.80 package should get a backport with a release
  for the focal packages which includes this bug fix.

  [1]
  
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=162e5e0062ce923c494cc64282f293f0ed64fc10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1995260/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to