search

netblue30 / fdns

Firejail DNS-over-HTTPS Proxy Server
GNU General Public License v3.0
115 stars 29 forks source link

fdns --monitor - Waiting for fdns to start... #40

Closed glitsj16 closed 3 years ago

glitsj16 commented 4 years ago

After the introduction of the cashpack library I have experienced build and run issues with fdns build from git on Arch Linux. It's been a bit more complicated than usual to do proper testing due to several factors being involved, and I'm not 100% certain that my current build (which has the run issues) is causing these issues or something I messed-up during build. Nonetheless, I wanted to throw it out here.

Arch Linux has gcc-10 now, and I needed to edit my PKGBUILD for fdns-git slightly to account for that. Adding -fcommon to CFLAGS took care of a linker failure during 'make install'. This is not specific to fdns though, I had to do similar stuff for other packages too with the new gcc-10.

Unrelated to the above the build process kept throwing more unexpected errors. One about xxd not being detected during ./configure was simply due to not having vim installed on my arch machine. That made me wonder a bit, I never needed vim (more specificly xxd) before, but I installed it. Sure enough, the error disappeared and ./configure succeeded after doing so.

During 'make' I encountered the biggest hurdle:

[...]
godecode.go:32:2: cannot find package "golang_org/x/net/http2/hpack" in any of:
    /usr/lib/go/src/golang_org/x/net/http2/hpack (from $GOROOT)
[...]

After some digging,it turned out that this was introduced by the recent cashpack library incorporation via https://github.com/netblue30/fdns/commit/357131147895ac410d3e1be532fe7f2591179398 (which is also the reason why xxd is now needed at build-time by the way).

$ makepkg ` ` ` checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking for a BSD-compatible install... /usr/bin/install -c checking for ranlib... ranlib checking whether C compiler accepts -mindirect-branch=thunk... yes checking whether C compiler accepts -mretpoline... no checking whether C compiler accepts -fstack-clash-protection... yes checking whether C compiler accepts -fstack-protector-strong... yes checking for main in -lpthread... yes checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking pthread.h usability... yes checking pthread.h presence... yes checking for pthread.h... yes checking for main in -lseccomp... yes checking seccomp.h usability... yes checking seccomp.h presence... yes checking for seccomp.h... yes libseccomp library found checking for pkg-config... pkg-config checking whether compiling and linking against OpenSSL works... yes OpenSSL library found cashpack-0.3/ cashpack-0.3/inc/ cashpack-0.3/inc/uncrustify.cfg cashpack-0.3/inc/hpack_assert.h cashpack-0.3/inc/dbg.h cashpack-0.3/inc/hpack.h.in cashpack-0.3/inc/tbl/ cashpack-0.3/inc/tbl/hpack_pseudo_headers.h cashpack-0.3/inc/tbl/hpack_tbl.h cashpack-0.3/inc/tbl/hpack_huffman.h cashpack-0.3/inc/tbl/hpack_static.h cashpack-0.3/inc/hpack_priv.h cashpack-0.3/inc/Makefile.in cashpack-0.3/inc/hpack.h cashpack-0.3/inc/Makefile.am cashpack-0.3/inc/cpp_ignore cashpack-0.3/configure.ac cashpack-0.3/README.rst cashpack-0.3/cashpack.spec.in cashpack-0.3/m4/ cashpack-0.3/m4/cashpack.m4 cashpack-0.3/m4/libtool.m4 cashpack-0.3/m4/ltversion.m4 cashpack-0.3/m4/ld-version-script.m4 cashpack-0.3/m4/ltsugar.m4 cashpack-0.3/m4/lt~obsolete.m4 cashpack-0.3/m4/ltoptions.m4 cashpack-0.3/tst/ cashpack-0.3/tst/rfc7541_c_6_3 cashpack-0.3/tst/rfc7541_c_3_3 cashpack-0.3/tst/hdecode.c cashpack-0.3/tst/hpack_huf cashpack-0.3/tst/rfc7541_c_2_4 cashpack-0.3/tst/rfc7541_c_5_1 cashpack-0.3/tst/godecode.go cashpack-0.3/tst/rfc7541_c_5_3 cashpack-0.3/tst/ngdecode.c cashpack-0.3/tst/rfc7541_c_3_1 cashpack-0.3/tst/hpack_arg cashpack-0.3/tst/common.sh cashpack-0.3/tst/rfc7541_c_2_2 cashpack-0.3/tst/rfc7541_4_3 cashpack-0.3/tst/tst.c cashpack-0.3/tst/hpack_enc cashpack-0.3/tst/hencode.c cashpack-0.3/tst/rfc7540_4_3 cashpack-0.3/tst/rfc7541_c_4_3 cashpack-0.3/tst/hex_decode cashpack-0.3/tst/hex_encode cashpack-0.3/tst/rfc7541_c_6_1 cashpack-0.3/tst/rfc7230_3_2 cashpack-0.3/tst/rfc7541_c_6_2 cashpack-0.3/tst/rfc7541_6_3 cashpack-0.3/tst/rfc7541_c_3_2 cashpack-0.3/tst/rfc7540_8_1_2 cashpack-0.3/tst/rfc7541_4_1 cashpack-0.3/tst/rfc7541_c_4_2 cashpack-0.3/tst/hpack_arg.c cashpack-0.3/tst/hpack_cov cashpack-0.3/tst/rfc7541_6_1 cashpack-0.3/tst/rfc7541_c_5_2 cashpack-0.3/tst/rfc7541_c_2_1 cashpack-0.3/tst/bincheck cashpack-0.3/tst/Makefile.in cashpack-0.3/tst/rfc7541_5_1 cashpack-0.3/tst/rfc7541_4_2 cashpack-0.3/tst/Makefile.am cashpack-0.3/tst/rfc7541_4_4 cashpack-0.3/tst/hpack_tbl cashpack-0.3/tst/hpack_dec cashpack-0.3/tst/tst.h cashpack-0.3/tst/rfc7541_2_3_3 cashpack-0.3/tst/rfc7541_2_3_2 cashpack-0.3/tst/hexcheck cashpack-0.3/tst/rfc7541_5_2 cashpack-0.3/tst/afl_fuzz cashpack-0.3/tst/rfc7541_c_2_3 cashpack-0.3/tst/rfc7541_c_4_1 cashpack-0.3/tst/fdecode.c cashpack-0.3/lib/ cashpack-0.3/lib/hpack_huf.c cashpack-0.3/lib/cashpack.pc.in cashpack-0.3/lib/hpack.c cashpack-0.3/lib/hpack_val.c cashpack-0.3/lib/hpiencode.c cashpack-0.3/lib/hpack_tbl.c cashpack-0.3/lib/Makefile.in cashpack-0.3/lib/hpack_enc.c cashpack-0.3/lib/hpack_int.c cashpack-0.3/lib/Makefile.am cashpack-0.3/lib/cashpack.map cashpack-0.3/lib/hpack_dec.c cashpack-0.3/Makefile.in cashpack-0.3/Makefile.am cashpack-0.3/build-aux/ cashpack-0.3/build-aux/config.guess cashpack-0.3/build-aux/test-driver cashpack-0.3/build-aux/missing cashpack-0.3/build-aux/ltmain.sh cashpack-0.3/build-aux/compile cashpack-0.3/build-aux/depcomp cashpack-0.3/build-aux/install-sh cashpack-0.3/build-aux/config.sub cashpack-0.3/cashpack.spec cashpack-0.3/man/ cashpack-0.3/man/requests.txt cashpack-0.3/man/hpack_encode.3.rst cashpack-0.3/man/hpack_strerror.3 cashpack-0.3/man/hpr2rst.c cashpack-0.3/man/hpack_error.3 cashpack-0.3/man/hpack_encode.3 cashpack-0.3/man/hpack_tables.3 cashpack-0.3/man/hpack_index.3.rst cashpack-0.3/man/cashpack.3 cashpack-0.3/man/hpack_alloc.3 cashpack-0.3/man/hpack_encoder.3 cashpack-0.3/man/hpack_static.3 cashpack-0.3/man/hpack_resize.3 cashpack-0.3/man/cashdumb.c cashpack-0.3/man/hpack_dump.c cashpack-0.3/man/hpack_decode.3 cashpack-0.3/man/cashdump.c cashpack-0.3/man/hpack_trim.3 cashpack-0.3/man/Makefile.in cashpack-0.3/man/hpack_dynamic.3 cashpack-0.3/man/hpack_limit.3 cashpack-0.3/man/hpe2rst.c cashpack-0.3/man/Makefile.am cashpack-0.3/man/hpack_decode.3.rst cashpack-0.3/man/hpack_alloc.3.rst cashpack-0.3/man/hpack_decoder.3 cashpack-0.3/man/hpf2rst.c cashpack-0.3/man/frames.hex cashpack-0.3/man/hpack_error.3.rst cashpack-0.3/man/cashpack.3.rst cashpack-0.3/man/hpack_dump.3 cashpack-0.3/man/hpack_index.3 cashpack-0.3/man/hpack_free.3 cashpack-0.3/LICENSE cashpack-0.3/configure cashpack-0.3/aclocal.m4 cashpack-0.3/gen/ cashpack-0.3/gen/hpack_huf_enc.c cashpack-0.3/gen/gen.h cashpack-0.3/gen/hpack_huf_enc.h cashpack-0.3/gen/hpack_huf_dec.c cashpack-0.3/gen/Makefile.in cashpack-0.3/gen/hpack_huf_dec.h cashpack-0.3/gen/Makefile.am checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking minix/config.h usability... no checking minix/config.h presence... no checking for minix/config.h... no checking whether it is safe to define __EXTENSIONS__... yes checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /usr/bin/mkdir -p checking for gawk... gawk checking whether make sets $(MAKE)... yes checking for style of include used by make... GNU checking whether make supports nested variables... yes checking dependency style of gcc... gcc3 checking whether make supports nested variables... (cached) yes checking whether build environment is sane... yes checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking how to print strings... printf checking for a sed that does not truncate output... /usr/bin/sed checking for fgrep... /usr/bin/grep -F checking for ld used by gcc... /usr/bin/ld checking if the linker (/usr/bin/ld) is GNU ld... yes checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B checking the name lister (/usr/bin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 1572864 checking how to convert x86_64-unknown-linux-gnu file names to x86_64-unknown-linux-gnu format... func_convert_file_noop checking how to convert x86_64-unknown-linux-gnu file names to toolchain format... func_convert_file_noop checking for /usr/bin/ld option to reload object files... -r checking for objdump... objdump checking how to recognize dependent libraries... pass_all checking for dlltool... no checking how to associate runtime and link libraries... printf %s\n checking for ar... ar checking for archiver @FILE support... no checking for strip... strip checking for ranlib... ranlib checking command to parse /usr/bin/nm -B output from gcc object... ok checking for sysroot... no checking for a working dd... /usr/bin/dd checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1 checking for mt... no checking if : is a manifest tool... no checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fPIC -DPIC checking if gcc PIC flag -fPIC -DPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes checking for a sed that does not truncate output... (cached) /usr/bin/sed checking for gawk... (cached) gawk checking for gcc option to accept ISO C99... none needed checking for preprocessor stringizing operator... yes checking if LD -Wl,--version-script works... yes checking whether the compiler accepts -Werror... yes checking whether the compiler accepts -Wall... yes checking whether the compiler accepts -W... yes checking whether the compiler accepts -Wstrict-prototypes... yes checking whether the compiler accepts -Wmissing-prototypes... yes checking whether the compiler accepts -Wpointer-arith... yes checking whether the compiler accepts -Wreturn-type... yes checking whether the compiler accepts -Wcast-qual... yes checking whether the compiler accepts -Wwrite-strings... yes checking whether the compiler accepts -Wswitch... yes checking whether the compiler accepts -Wshadow... yes checking whether the compiler accepts -Wunused-parameter... yes checking whether the compiler accepts -Wcast-align... yes checking whether the compiler accepts -Wchar-subscripts... yes checking whether the compiler accepts -Winline... yes checking whether the compiler accepts -Wnested-externs... yes checking whether the compiler accepts -Wredundant-decls... yes checking whether the compiler accepts -Wold-style-definition... yes checking whether the compiler accepts -Wmissing-variable-declarations... no checking whether the compiler accepts -Wextra... yes checking whether the compiler accepts -Wmissing-declarations... yes checking whether the compiler accepts -Wredundant-decls... yes checking whether the compiler accepts -Wsign-compare... yes checking whether the compiler accepts -Wunused-result... yes checking whether the compiler accepts -errwarn=%all... no checking whether the compiler accepts -errtags=yes... no checking whether the compiler accepts -Wsparse-all... no checking whether the compiler accepts -Wsparse-error... no checking whether the compiler accepts -pedantic... yes checking whether the compiler accepts -std=c99... yes checking whether the compiler accepts -D_POSIX_C_SOURCE=200809L... yes checking for pkg-config... /usr/bin/pkg-config checking pkg-config is at least version 0.9.0... yes checking for NGHTTP2... yes checking for golang >= 1.7... yes checking for hexdump... hexdump checking for rst2man.py... rst2man.py checking for uncrustify... no checking for valgrind... no checking for RFC 7541-compatible hexdumps... yes checking for working bindumps to hexdumps conversions... yes checking that generated files are newer than configure... done checking that generated files are newer than configure... done configure: creating ./config.status config.status: creating Makefile config.status: creating cashpack.spec config.status: creating gen/Makefile config.status: creating inc/Makefile config.status: creating lib/Makefile config.status: creating lib/cashpack.pc config.status: creating man/Makefile config.status: creating tst/Makefile config.status: executing depfiles commands config.status: executing libtool commands configure: creating ./config.status config.status: creating Makefile config.status: creating src/common.mk config.status: creating src/fdns/Makefile config.status: creating test/src/fdnstress/Makefile Configuration options: prefix: /usr sysconfdir: /etc Spectre compiler patch: yes EXTRA_LDFLAGS: EXTRA_CFLAGS: -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong fatal warnings: Gcov instrumentation: /usr/bin/make -C src/cashpack-0.3 ./mkman.sh 0.9.63 src/man/fdns.txt fdns.1 make[1]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3' Making all in gen make[2]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/gen' CC hpack_huf_dec.o CC hpack_huf_enc.o CCLD hpack_huf_dec.gen CCLD hpack_huf_enc.gen GEN hpack_huf_enc.h GEN hpack_huf_dec.h /usr/bin/make all-am make[3]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/gen' make[3]: Nothing to be done for 'all-am'. make[3]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/gen' make[2]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/gen' Making all in inc make[2]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/inc' /usr/bin/make all-am make[3]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/inc' make[3]: Nothing to be done for 'all-am'. make[3]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/inc' make[2]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/inc' Making all in lib make[2]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/lib' CC hpack.lo CC hpack_dec.lo CC hpack_enc.lo CC hpack_huf.lo CC hpack_int.lo CC hpack_tbl.lo CC hpack_val.lo CC hpiencode.o CCLD hpiencode CCLD libhpack.la /usr/bin/ar: `u' modifier ignored since `D' is the default (see `U') make[2]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/lib' Making all in man make[2]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/man' CC cashdumb.o CC cashdump.o CC hpack_dump.o CC hpe2rst.o CC hpf2rst.o CC hpr2rst.o GEN cashdump.hex GEN cashdump.src GEN cashdumb.src GEN cashdumb.txt CCLD cashdumb GEN hpack_dump.src CCLD cashdump CCLD hpack_dump CCLD hpe2rst.gen CCLD hpf2rst.gen CCLD hpr2rst.gen GEN hpe2rst.rst GEN cashdump.out GEN cashdumb.out /usr/bin/ls: ./cashdump: Unknown error 22096 GEN hpr2rst.rst GEN hpf2rst.rst GEN hpack_error.3 GEN cashpack.3 GEN hpack_encode.3 make[2]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/man' Making all in tst make[2]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/tst' CC hpack_arg.o CC tst.o CC fdecode.o CC hdecode.o CC hencode.o CC ngdecode-tst.o CC ngdecode-ngdecode.o GO src CCLD hpack_arg CCLD hdecode CCLD fdecode CCLD hencode CCLD ngdecode GO godecode godecode.go:32:2: cannot find package "golang_org/x/net/http2/hpack" in any of: /usr/lib/go/src/golang_org/x/net/http2/hpack (from $GOROOT) /home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/tst/src/golang_org/x/net/http2/hpack (from $GOPATH) make[2]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3/tst' make[2]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3' make[2]: Nothing to be done for 'all-am'. make[2]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3' make[1]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/cashpack-0.3' /usr/bin/make -C src/fdns /usr/bin/make -C test/src/fdnstress make[1]: Entering directory '/home/glitsj16/fdns-git/src/fdns/src/fdns' gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c cache.c -o cache.o make[1]: Entering directory '/home/glitsj16/fdns-git/src/fdns/test/src/fdnstress' gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c main.c -o main.o gcc -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now -pie -Wl,-z,relro -Wl,-z,now -lpthread -o fdnstress main.o -lanl gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c dns.c -o dns.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c dnsdb.c -o dnsdb.o make[1]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/test/src/fdnstress' gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c filter.c -o filter.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c forwarder.c -o forwarder.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c frontend.c -o frontend.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c h2.c -o h2.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c lint.c -o lint.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c log.c -o log.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c main.c -o main.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c net.c -o net.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c procs.c -o procs.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c resolver.c -o resolver.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c security.c -o security.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c server.c -o server.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c shmem.c -o shmem.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c ssl.c -o ssl.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c timetrace.c -o timetrace.o gcc -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fcommon -ggdb -O2 -DVERSION='"0.9.63"' -DPREFIX='"/usr"' -DSYSCONFDIR='"/etc/fdns"' -DLIBDIR='"/usr/lib"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -fstack-clash-protection -fstack-protector-strong -c whitelist.c -o whitelist.o gcc -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now -pie -Wl,-z,relro -Wl,-z,now -lpthread -o fdns cache.o dns.o dnsdb.o filter.o forwarder.o frontend.o h2.o lint.o log.o main.o net.o procs.o resolver.o security.o server.o shmem.o ssl.o timetrace.o whitelist.o ../cashpack-0.3/lib/.libs/libhpack.a -lssl -lcrypto -lrt -lseccomp make[1]: Leaving directory '/home/glitsj16/fdns-git/src/fdns/src/fdns' ` ` `

Took a long time to figure this one out, playing with the GOPATH env var didn't do anything useful, but eventually I decided to try adding a go-related symlink on my machine: sudo ln -fs /usr/lib/go/src/vendor/golang.org/ /usr/lib/go/src/golang_org. That seems to have enabled me to get a succesful fdns build from master. Seems, because I'm not fully convinced this is the proper way to deal with the observed error at all.

At run-time I wasn't getting much further either. Seeing several Error LANrx: invalid DNS section counts: 1 0 0 1, dropped lines in my fdns log convinced me it was time to report this here. But like I said, this could all be false-positives due to my way of dealing with the cashpack errors.

$ /usr/bin/fdns --debug-h2 --proxy-addr-any --server=appliedprivacy ` ` ` Testing server appliedprivacy (-1) h2 rx stream 0, len 12, type 0x04 SETTINGS, flags 0x00 () (-1) h2 rx stream 0, len 0, type 0x04 SETTINGS, flags 0x01 (end stream,) (-1) h2 tx stream 15, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 tx query example.com stream 15, len 48, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 rx stream 0, len 4, type 0x08 UNKNOWN, flags 0x00 () (-1) h2 rx stream 15, len 53, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 rx stream 15, len 88, type 0x00 DATA, flags 0x01 (end stream,) SSL connection opened in 212.42 ms (-1) h2 tx stream 17, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 tx query example.com stream 17, len 48, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 rx stream 17, len 9, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 rx stream 17, len 88, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 tx stream 19, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 tx query example.com stream 19, len 48, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 rx stream 19, len 9, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 rx stream 19, len 88, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 tx stream 21, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 tx query example.com stream 21, len 48, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 rx stream 21, len 9, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 rx stream 21, len 88, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 tx stream 23, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 tx query example.com stream 23, len 48, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 rx stream 23, len 9, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 rx stream 23, len 88, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 tx stream 25, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 tx query example.com stream 25, len 48, type 0x00 DATA, flags 0x01 (end stream,) (-1) h2 rx stream 25, len 9, type 0x01 HEADERS, flags 0x04 (end headers,) (-1) h2 rx stream 25, len 88, type 0x00 DATA, flags 0x01 (end stream,) DoH response average 31.96 ms fdns starting connecting to appliedprivacy server non-profit, Austria, Europe listening on all available interfaces 342 filter entries added from /etc/fdns/trackers 5277 filter entries added from /etc/fdns/fp-trackers 51399 filter entries added from /etc/fdns/adblocker 12604 filter entries added from /etc/fdns/coinblocker (0) SSL connection opened (1) SSL connection opened (0) h2 rx stream 0, len 12, type 0x04 SETTINGS, flags 0x00 () (0) h2 rx stream 0, len 0, type 0x04 SETTINGS, flags 0x01 (end stream,) (0) h2 tx stream 15, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (0) h2 tx query example.com stream 15, len 48, type 0x00 DATA, flags 0x01 (end stream,) (2) SSL connection opened (0) h2 rx stream 0, len 4, type 0x08 UNKNOWN, flags 0x00 () (0) h2 rx stream 15, len 53, type 0x01 HEADERS, flags 0x04 (end headers,) (0) h2 rx stream 15, len 88, type 0x00 DATA, flags 0x01 (end stream,) (1) h2 rx stream 0, len 12, type 0x04 SETTINGS, flags 0x00 () (1) h2 rx stream 0, len 0, type 0x04 SETTINGS, flags 0x01 (end stream,) (1) h2 tx stream 15, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (1) h2 tx query example.com stream 15, len 48, type 0x00 DATA, flags 0x01 (end stream,) (1) h2 rx stream 0, len 4, type 0x08 UNKNOWN, flags 0x00 () (1) h2 rx stream 15, len 53, type 0x01 HEADERS, flags 0x04 (end headers,) (1) h2 rx stream 15, len 88, type 0x00 DATA, flags 0x01 (end stream,) (2) h2 rx stream 0, len 12, type 0x04 SETTINGS, flags 0x00 () (2) h2 rx stream 0, len 0, type 0x04 SETTINGS, flags 0x01 (end stream,) (2) h2 tx stream 15, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (2) h2 tx query example.com stream 15, len 48, type 0x00 DATA, flags 0x01 (end stream,) (2) h2 rx stream 0, len 4, type 0x08 UNKNOWN, flags 0x00 () (2) h2 rx stream 15, len 53, type 0x01 HEADERS, flags 0x04 (end headers,) (2) h2 rx stream 15, len 88, type 0x00 DATA, flags 0x01 (end stream,) (0) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (0) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (1) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (2) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (1) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) zx2c4.com, encrypted (0) h2 tx stream 17, len 143, type 0x01 HEADERS, flags 0x04 (end headers,) (0) h2 tx query stream 17, len 27, type 0x00 DATA, flags 0x01 (end stream,) (0) h2 rx stream 17, len 32, type 0x01 HEADERS, flags 0x04 (end headers,) (0) h2 rx stream 17, len 43, type 0x00 DATA, flags 0x01 (end stream,) (1) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (2) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (1) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (0) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (0) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (1) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (2) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (1) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) Error LANrx: invalid DNS section counts: 1 0 0 1, dropped (0) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (0) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) Error LANrx: invalid DNS section counts: 1 0 0 1, dropped (2) Error LANrx: invalid DNS section counts: 1 0 0 1, dropped (1) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (2) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (1) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (0) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (0) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (1) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (2) h2 tx stream 0, len 8, type 0x06 PING, flags 0x00 () (1) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) (2) h2 rx stream 0, len 8, type 0x06 PING, flags 0x01 (end stream,) signal 15 caught, shutting down all resolvers ` ` `
glitsj16 commented 4 years ago

UPDATE:

Commit https://github.com/netblue30/fdns/commit/83bfa4b2db9930c31daa631c13b59e9274073ee6 fixed all the build issues mentioned above. GCC-10 on Arch Linux doesn't need anything special anymore and the vim/go dependencies are no longer needed now the cashpack library introduction has been refactored.

I still see the same Error LANrx: invalid DNS section counts: 1 0 0 1, dropped lines in my fdns log though. DNS name resolution is still broken.

netblue30 commented 4 years ago

Yes, the big one was fixed - took some time to update my Arch system. They used to bring in all kind of tools and libraries for their testing, so I removed them and used our make system.

Error LANrx: invalid DNS section counts: 1 0 0 1:

It is generated by the DNS firewall, the request is dropped. What application are you using to send this request? The only one I know is dig.

glitsj16 commented 4 years ago

It is generated by the DNS firewall, the request is dropped. What application are you using to send this request? The only one I know is dig.

That is indeed the case, I used dig. Will do some more extensive testing, as I noticed fdns --monitor was also broken with '--proxy-addr-any --server=foo'.

glitsj16 commented 4 years ago

FOLLOW-UP:

I have some scripts that called dig, mainly for IP checking when using VPN. I changed those to use curl now.

Did another round of testing with the latest git master code. Name resolution is working again for me, but monitoring (while using the systemd unit) keeps being somewhat unpredictable. Not a big issue for me, as I use StandardOutput=append:/tmp/fdns.log to keep a closer eye on things.

ExecStart=/usr/bin/fdns

    $ fdns --proxies
    pid 39196, address 127.1.1.1 (default)

    $ fdns --monitor
    [...]
    works

    $ fdns --monitor=127.1.1.1
    [...]
    works

ExecStart=/usr/bin/fdns --proxy-addr-any --server=foo

    $ fdns --proxies
    pid 36177, address 0.0.0.0

    $ fdns --monitor
    Waiting for fdns to start.........

    $ fdns --monitor=127.0.0.1
    Waiting for fdns to start.........

    $ fdns --monitor=0.0.0.0
    Error: invalid proxy address

ExecStart=/usr/bin/fdns --proxy-addr=127.0.0.1 --server=foo which needs disabling RestrictAddressFamilies (#15)

    $ fdns --proxies
    pid 40473, address 127.0.0.1

    $ fdns --monitor
    Waiting for fdns to start.........

    $ fdns --monitor=127.0.0.1
    [...]
    works
netblue30 commented 4 years ago

I think I've seen this problem also, I'll mark it as a bug.

glitsj16 commented 3 years ago

@netblue30 Any update on this?

netblue30 commented 3 years ago

I did't see it lately. Do you still have it?

glitsj16 commented 3 years ago

I did't see it lately. Do you still have it?

@netblue30 yes I still get the same stuff I mentioned in https://github.com/netblue30/fdns/issues/40#issuecomment-639568902. For the record, I use the below in a systemd service override file to run fdns:

ExecStart=/usr/bin/fdns --proxy-addr=127.0.0.1 --server=appliedprivacy

To get around the 'Waiting for fdns to start.........' issue I need to explicitly call fdns --monitor=127.0.0.1 to kick the monitor into gear. This might be a feature, but if so, we might need to document this behaviour more clearly IMHO.

netblue30 commented 3 years ago

OK, this is a bug! By default --monitor without any IP address is looking for 127.1.1.1. I'll fix is so if there is only one instance of fdns in the system it will grab that specific one. I'll have to put the same fix in firetools.

netblue30 commented 3 years ago

Fix is in. It is looking for 127.1.1.1, then for 127.0.0.1, than for any other addresses.

glitsj16 commented 3 years ago

@netblue30 Great job. I can confirm the issue is fixed. Thanks for looking into it!