DoH Android 9 Support #236

Closed
pratikgajjar opened this issue Jul 26, 2021 · 4 comments
pratikgajjar commented Jul 26, 2021

Ideal scenario:

  • On Android 9 and above, self-hosted (blocky) DNS should work like 1dot1dot1dot1.cloudflare-dns.com or dns.google

Issue:
The current API is not compatible with the Cloudflare one or Android 9. I have tested via cmd. There must be some global API spec on how to implement DoH.

Note: The current blocky server works with Nebulo (Android app). If we make it compatible, then we won't be needing any 3rd-party app to use Blocky.

Cloudflare wireformat Request

$ curl -H 'accept: application/dns-message' -v 'https://cloudflare-dns.com/dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    49  100    49    0     0    382      0 --:--:-- --:--:-- --:--:--   382
0000000 cdab 8081 0100 0100 0000 0000 7703 7777
0000010 6507 6178 706d 656c 6303 6d6f 0000 0001
0000020 c001 000c 0001 0001 3701 0061 5d04 d8b8
0000030 0022
0000031

Blocky Request

$ curl -H 'accept: application/dns-message' -v 'https://dns.blocky.com/dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    64  100    64    0     0    800      0 --:--:-- --:--:-- --:--:--   800
0000000 cdab 8081 0100 0100 0000 0000 7703 7777
0000010 6507 6178 706d 656c 6303 6d6f 0000 0001
0000020 0301 7777 0777 7865 6d61 6c70 0365 6f63
0000030 006d 0100 0100 0000 074c 0400 b85d 22d8
0000040

I can contribute by writing code as well. I need guidance from the author on the current implementation and need to figure out what logic Cloudflare has used. Looking at the binary, it seems this might be a minor fix with some formatting changes.

Edit 1

@0xERR0R 0xERR0R self-assigned this Jul 27, 2021
@0xERR0R 0xERR0R added the 🐞 bug Something isn't working label Jul 27, 2021
0xERR0R (Owner) commented Jul 27, 2021

I think, the "problem" is the compression. I enabled the compression (DNS wire format), now I get the same result:

# Cloudflare DoH
curl -H 'accept: application/dns-message' -v 'https://cloudflare-dns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump
...
0000000 0000 8081 0100 0100 0000 0000 7703 7777
0000010 6507 6178 706d 656c 6303 6d6f 0000 0001
0000020 c001 000c 0001 0001 3301 005e 5d04 d8b8
0000030 0022                                   
0000031

# Google DoH
curl -H 'accept: application/dns-message' -v 'https://dns.google/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump
...
0000000 0000 8081 0100 0100 0000 0000 7703 7777
0000010 6507 6178 706d 656c 6303 6d6f 0000 0001
0000020 c001 000c 0001 0001 5000 00c6 5d04 d8b8
0000030 0022                                   
0000031

# Blocky DoH
curl -H 'accept: application/dns-message' -v 'http://localhost:4000/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump
...
0000000 0000 0081 0100 0100 0000 0000 7703 7777
0000010 6507 6178 706d 656c 6303 6d6f 0000 0001
0000020 c001 000c 0001 0001 3301 002a 5d04 d8b8
0000030 0022                                   
0000031

Compression should be optional, but maybe the Android implementation expects only the compressed format.

@0xERR0R 0xERR0R added this to the 0.15 milestone Jul 27, 2021
@0xERR0R 0xERR0R closed this as completed Jul 27, 2021
@0xERR0R 0xERR0R added the 🔨 enhancement New feature or request label Jul 27, 2021
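
An added example (not part of the thread and not blocky's code) that decodes the Cloudflare and Blocky responses from the first post and checks whether the answer's owner name uses an RFC 1035 compression pointer. Plain `hexdump` prints byte-swapped 16-bit words, so the dump is converted back to bytes first; the function names are this example's own.

```python
import struct

# Responses copied from the hexdump output in the first post. Plain `hexdump`
# prints 16-bit little-endian words, so each pair of bytes appears swapped.
CLOUDFLARE = ("cdab 8081 0100 0100 0000 0000 7703 7777 "
              "6507 6178 706d 656c 6303 6d6f 0000 0001 "
              "c001 000c 0001 0001 3701 0061 5d04 d8b8 0022", 49)
BLOCKY = ("cdab 8081 0100 0100 0000 0000 7703 7777 "
          "6507 6178 706d 656c 6303 6d6f 0000 0001 "
          "0301 7777 0777 7865 6d61 6c70 0365 6f63 "
          "006d 0100 0100 0000 074c 0400 b85d 22d8", 64)

def hexdump_to_bytes(words, length):
    """Undo hexdump's word swapping; `length` trims the padded odd byte."""
    raw = b"".join(bytes.fromhex(w)[::-1] for w in words.split())
    return raw[:length]

def read_name(msg, off):
    """Return (name, next offset, pointer_seen), following RFC 1035 pointers."""
    labels, nxt, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                      # compression pointer
            hops += 1
            if hops > 16:
                raise ValueError("pointer loop")
            if nxt is None:
                nxt = off + 2                     # record resumes after the first pointer
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:                              # root label ends the name
            return ".".join(labels), (nxt if nxt is not None else off + 1), hops > 0
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def parse(msg):
    """Decode the header, the single question and the first answer record."""
    _id, flags, _qd, _an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    qname, off, _ = read_name(msg, 12)
    off += 4                                      # skip QTYPE + QCLASS
    owner, off, compressed = read_name(msg, off)
    rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
    rdata = msg[off + 10:off + 10 + rdlen]
    addr = ".".join(map(str, rdata)) if rtype == 1 else rdata.hex()
    return {"flags": flags, "qname": qname, "owner": owner, "ttl": ttl,
            "addr": addr, "compressed": compressed, "size": len(msg)}

def compare(a, b):  # keys whose values differ between two parsed responses
    return sorted(k for k in a if a[k] != b[k])
```

For these two captures, `compare(parse(hexdump_to_bytes(*CLOUDFLARE)), parse(hexdump_to_bytes(*BLOCKY)))` lists only `compressed`, `size` and `ttl`: the 15-byte size gap is the 17-byte repeated name versus a 2-byte pointer, and both carry the same A record.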
pratikgajjar (Author) commented Jul 30, 2021

Hey, thank you for the revert, but it seems even in your output they are not the same. All three are different hex code, in fact.

Check this diff

Left: Cloudflare
Right: blocky

[Image: Screenshot 2021-07-31 at 1 57 26 AM]

Even Google's and Cloudflare's responses are not the same 💀

Left: Cloudflare
Right: Google

[Image: Screenshot 2021-07-31 at 2 01 24 AM]

Also, I tried using blocky v0.15 on an Android 11 phone; it says it can't connect to the DNS server.

0xERR0R (Owner) commented Jul 31, 2021

I tested with example.com and all resolvers returned the same result. If you test with another domain, it is possible that different resolvers return different results (other TTL, different order, etc.). Can you compare with a plain DNS query?
Does Android DoH with blocky work now?

pratikgajjar (Author) commented Jul 31, 2021

Not sure what the issue is, but Android DoH didn't work. I am reading this RFC; later I will check the Android docs on how their client works, then I might find something.

You can use dns[dot]pratikgajjar[dot]in to test if you have an Android device.
