Skip to content

Addressing lame DNS responses on WSL #1988

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 18, 2021
Merged

Addressing lame DNS responses on WSL #1988

merged 2 commits into from
Oct 18, 2021

Conversation

drwetter
Copy link
Collaborator

@drwetter drwetter commented Sep 15, 2021
edited
Loading

This commit provides a global variable to the RFC 6761 use of "invalid."
which WSL clients don't seem to handle very well, see #1738, #1812.
"invalid." is used as a target to find out in a couple of pre-checks what
is supported by the openssl version.

This PR reduces the number of openssl s_client -connect by a huge factor.
For the remaining invocations the OS used is being determined and if WSL is
assumed (the check is probably not 100% accurate) it uses 127.0.0.1:0 instead.
In (unfortunately only a few) pre-tests the response was immediate.

Also it is possible to use another target if needed by

 NXCONNECT=<mytargethere>:<myport> ./testssl.sh <URL>

@drwetter
Addressing lame DNS responses on WSL (WIP)
fe6c22f 
This commit provides a global variable to the RFC 6761 use of "invalid."
which WSL clients doen't seem to handle very well, see #1738, #1812.

With this commit it e.g. is possible to use

     NXCONNECT=localhost:0 ./testssl.sh <TARGET>

to save some time.

This commit will be amended later.
@drwetter drwetter marked this pull request as draft September 22, 2021 20:02
@drwetter
Save # of connects / WSL uses 127.0.0.1:0 by default
b6b5a67 
In order to save time and to spare WSL users lame DNS lookups
I removed a couple of connect calls from 14 to 4:

$OPENSSL s_client -ssl2 -connect invalid.
-->
OPENSSL s_client -ssl2

NXCONNECT to localhost IP and port 0 is now the default when WSL
is detected. Not sure whether this is working under all circumstances,
so this needs some testing.
@drwetter drwetter marked this pull request as ready for review October 2, 2021 13:37
@drwetter drwetter changed the title [WIP] Addressing lame DNS responses on WSL Addressing lame DNS responses on WSL Oct 2, 2021
@drwetter drwetter mentioned this pull request Oct 2, 2021
Closed
@drwetter drwetter merged commit 9683af4 into 3.1dev Oct 18, 2021
drwetter added a commit that referenced this pull request Oct 18, 2021
@drwetter
Addressing lame DNS responses on WSL (3.0)
6c555f4 
This commit provides a global variable to the RFC 6761 use of "invalid."
which WSL clients don't seem to handle very well, see #1738, #1812.
"invalid."  is used as a target to find out in a couple of pre-checks what
is supported by the openssl version.

This PR reduces the number of ``openssl s_client -connect`` by a huge factor.
For the remaining invocations the OS used is being determined and if WSL is
assumed (the check is probably not 100% accurate) it uses ``127.0.0.1:0`` instead.
In (unfortunately only a few) pre-tests the response was immediate.

Also it is possible to use another target if needed by

     NXCONNECT=<mytargethere>:<myport> ./testssl.sh <URL>

This is for 3.0. For 3.1dev see #1988 .
@drwetter drwetter mentioned this pull request Oct 18, 2021
Merged
@drwetter drwetter deleted the windows_dns_fix branch October 21, 2021 07:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@drwetter