TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

DNS Forwarder with Nextdns not working #296

Closed d3athg0d closed 3 years ago

d3athg0d commented 3 years ago

Hi, I have the following errors when I use NextDNS TLS.

It was working fine all along until v6.4.

I tested using Google TLS and it works.

Likewise, I booted up an old Technitium DNS Server v5.3 and tested it, and it is still working fine with the NextDNS TLS forwarder.

Any help will be very much appreciated.

DNS Server recursive resolution failed for QNAME: autoupdate7.synology.com; QTYPE: A; QCLASS: IN; Forwarders: C

System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.

---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.

---> Interop+Crypto+OpenSslCryptographicException: error:14094460:SSL routines:ssl3_read_bytes:reason(1120)

--- End of inner exception stack trace ---

at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, ReadOnlySpan`1 input, Byte[]& sendBuf, Int32& sendCount)

at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions)

--- End of inner exception stack trace ---

at TechnitiumLibrary.Net.Dns.DnsClient.<>c__DisplayClass40_0.<g__DoResolveAsync|1>d.MoveNext() in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 1686

--- End of stack trace from previous location ---

at TechnitiumLibrary.Net.Dns.DnsClient.InternalResolveAsync(DnsDatagram request, Boolean qnameMinimization) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 1909

at DnsServerCore.Dns.DnsServer.RecursiveResolveAsync(DnsDatagram request, IReadOnlyList`1 viaForwarders, Boolean cachePrefetchOperation, Boolean cacheRefreshOperation, TaskCompletionSource`1 taskCompletionSource) in Z:\Technitium\Projects\DnsServer\DnsServerCore\Dns\DnsServer.cs:line 2039

ShreyasZare commented 3 years ago

Thanks for reporting this issue. The new version uses "dot" ALPN for the TLS handshake which NextDNS seems to not understand. There is an update planned for tomorrow which will get this fixed.
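An added triage example (not part of the thread and not Technitium's code): it unpacks the OpenSSL 1.1.x error code from the log above, showing that the peer sent TLS alert 120, no_application_protocol (RFC 7301), which matches the ALPN explanation. `probe_dot` is a hypothetical helper for comparing a forwarder's handshake with and without an ALPN offer; the forwarder host name is supplied by the caller.

```python
import re
import socket
import ssl

# Subset of TLS alert descriptions (RFC 8446 section 6, RFC 7301) useful in handshake triage.
TLS_ALERTS = {
    40: "handshake_failure",
    42: "bad_certificate",
    48: "unknown_ca",
    70: "protocol_version",
    80: "internal_error",
    112: "unrecognized_name",
    120: "no_application_protocol",
}
SSL_AD_REASON_OFFSET = 1000  # OpenSSL reports a received alert N as reason code 1000 + N

def decode_openssl_error(line):
    """Unpack an OpenSSL 1.1.x 'error:XXXXXXXX:' code (8-bit lib, 12-bit func, 12-bit reason)."""
    m = re.search(r"error:([0-9A-Fa-f]{8}):", line)
    if not m:
        return None
    code = int(m.group(1), 16)
    lib, func, reason = code >> 24, (code >> 12) & 0xFFF, code & 0xFFF
    is_alert = SSL_AD_REASON_OFFSET <= reason <= SSL_AD_REASON_OFFSET + 255
    alert = reason - SSL_AD_REASON_OFFSET if is_alert else None
    return {"lib": lib, "func": func, "reason": reason,
            "alert": alert, "alert_name": TLS_ALERTS.get(alert)}

def probe_dot(host, alpn=None, port=853, timeout=5.0):
    """Hypothetical helper: TLS handshake with a DoT forwarder, optionally offering ALPN."""
    ctx = ssl.create_default_context()
    if alpn:
        ctx.set_alpn_protocols(alpn)  # e.g. ["dot"]; None sends no ALPN extension
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return {"ok": True, "version": tls.version(),
                        "alpn": tls.selected_alpn_protocol()}
    except (ssl.SSLError, OSError) as exc:
        return {"ok": False, "error": str(exc)}

# The OpenSSL line quoted in the report above.
SAMPLE = "error:14094460:SSL routines:ssl3_read_bytes:reason(1120)"

if __name__ == "__main__":
    print(decode_openssl_error(SAMPLE))
```

Running `probe_dot` against the same forwarder once with `alpn=["dot"]` and once with `alpn=None` separates an ALPN rejection from certificate or protocol-version failures.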

ShreyasZare commented 3 years ago

Update v6.4.1 is released which fixes this issue.