[Bug 52133] New: winhttp/wininet should not query mDNS for proxy auto-detection
https://bugs.winehq.org/show_bug.cgi?id=52133 Bug ID: 52133 Summary: winhttp/wininet should not query mDNS for proxy auto-detection Product: Wine Version: 6.22 Hardware: x86-64 OS: Mac OS X Status: UNCONFIRMED Severity: normal Priority: P2 Component: winhttp Assignee: wine-bugs(a)winehq.org Reporter: bshanks(a)codeweavers.com At least on macOS, the default hostname is something like "XXs-MacBook-Pro.local". Wine then (correctly) reads the domain name as "local". When winhttp or wininet tries to use DNS proxy auto-detection (i.e. WinHttpDetectAutoProxyConfigUrl() with the WINHTTP_AUTO_DETECT_TYPE_DNS_A option), they try to resolve "wpad.local". On macOS this hangs for 5 seconds before failing, causing a 10-minute long hang while launching Halo: MCC. This also opens a security hole by allowing anyone on the local network to advertise an HTTP proxy that will be used automatically by other hosts on the network. Microsoft has disabled link-local name resolution (i.e. NetBIOS, LLMNR, mDNS) by default for WPAD for years: https://bugs.chromium.org/p/chromium/issues/detail?id=1176970#c29 This is done on Windows with the undocumented AI_DNS_ONLY flag to getaddrinfo(), unfortunately there is no equivalent UNIX flag. Adding a special-case for ".local" domains would at least prevent the most common case of mDNS resolution. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 --- Comment #1 from Hans Leidekker <hans(a)meelstraat.net> --- (In reply to Brendan Shanks from comment #0)
Microsoft has disabled link-local name resolution (i.e. NetBIOS, LLMNR, mDNS) by default for WPAD for years: https://bugs.chromium.org/p/chromium/issues/detail?id=1176970#c29
This is done on Windows with the undocumented AI_DNS_ONLY flag to getaddrinfo(), unfortunately there is no equivalent UNIX flag. Adding a special-case for ".local" domains would at least prevent the most common case of mDNS resolution.
Or we could perhaps implement AI_DNS_ONLY on top of DnsQuery*. My testing shows that res_query doesn't use mDNS on macOS. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 Ken Sharp <imwellcushtymelike(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 --- Comment #2 from Brendan Shanks <bshanks(a)codeweavers.com> --- Good idea, I see the same in my tests. Using DNS APIs for implementing AI_DNS_ONLY makes sense. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 --- Comment #3 from Hans Leidekker <hans(a)meelstraat.net> --- (In reply to Brendan Shanks from comment #2)
Good idea, I see the same in my tests. Using DNS APIs for implementing AI_DNS_ONLY makes sense.
I can take a look if you want. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 --- Comment #4 from Brendan Shanks <bshanks(a)codeweavers.com> --- Thanks Hans, if you could take a look that would be great. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 Brendan Shanks <bshanks(a)codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Fixed by SHA1| |859f9daada0292a2ce69e530242 | |4905f3b1e335d Status|UNCONFIRMED |RESOLVED --- Comment #5 from Brendan Shanks <bshanks(a)codeweavers.com> --- Thanks Hans, this is resolved by 859f9daada0292a2ce69e5302424905f3b1e335d and d13ec212c3311f671d4519f4d81833635f12505d. WinHttpDetectAutoProxyConfigUrl() now returns instantly on macOS. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=52133 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #6 from Alexandre Julliard <julliard(a)winehq.org> --- Closing bugs fixed in 6.23. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
WineHQ Bugzilla