https://bugs.winehq.org/show_bug.cgi?id=52133
Bug ID: 52133 Summary: winhttp/wininet should not query mDNS for proxy auto-detection Product: Wine Version: 6.22 Hardware: x86-64 OS: Mac OS X Status: UNCONFIRMED Severity: normal Priority: P2 Component: winhttp Assignee: wine-bugs@winehq.org Reporter: bshanks@codeweavers.com
At least on macOS, the default hostname is something like "XXs-MacBook-Pro.local". Wine then (correctly) reads the domain name as "local".
When winhttp or wininet tries to use DNS proxy auto-detection (i.e. WinHttpDetectAutoProxyConfigUrl() with the WINHTTP_AUTO_DETECT_TYPE_DNS_A option), they try to resolve "wpad.local".
On macOS this hangs for 5 seconds before failing, causing a 10-minute long hang while launching Halo: MCC.
This also opens a security hole by allowing anyone on the local network to advertise an HTTP proxy that will be used automatically by other hosts on the network.
Microsoft has disabled link-local name resolution (i.e. NetBIOS, LLMNR, mDNS) by default for WPAD for years: https://bugs.chromium.org/p/chromium/issues/detail?id=1176970#c29
This is done on Windows with the undocumented AI_DNS_ONLY flag to getaddrinfo(), unfortunately there is no equivalent UNIX flag. Adding a special-case for ".local" domains would at least prevent the most common case of mDNS resolution.
https://bugs.winehq.org/show_bug.cgi?id=52133
--- Comment #1 from Hans Leidekker hans@meelstraat.net --- (In reply to Brendan Shanks from comment #0)
Microsoft has disabled link-local name resolution (i.e. NetBIOS, LLMNR, mDNS) by default for WPAD for years: https://bugs.chromium.org/p/chromium/issues/detail?id=1176970#c29
This is done on Windows with the undocumented AI_DNS_ONLY flag to getaddrinfo(), unfortunately there is no equivalent UNIX flag. Adding a special-case for ".local" domains would at least prevent the most common case of mDNS resolution.
Or we could perhaps implement AI_DNS_ONLY on top of DnsQuery*. My testing shows that res_query doesn't use mDNS on macOS.
https://bugs.winehq.org/show_bug.cgi?id=52133
Ken Sharp imwellcushtymelike@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source
https://bugs.winehq.org/show_bug.cgi?id=52133
--- Comment #2 from Brendan Shanks bshanks@codeweavers.com --- Good idea, I see the same in my tests. Using DNS APIs for implementing AI_DNS_ONLY makes sense.
https://bugs.winehq.org/show_bug.cgi?id=52133
--- Comment #3 from Hans Leidekker hans@meelstraat.net --- (In reply to Brendan Shanks from comment #2)
Good idea, I see the same in my tests. Using DNS APIs for implementing AI_DNS_ONLY makes sense.
I can take a look if you want.
https://bugs.winehq.org/show_bug.cgi?id=52133
--- Comment #4 from Brendan Shanks bshanks@codeweavers.com --- Thanks Hans, if you could take a look that would be great.
https://bugs.winehq.org/show_bug.cgi?id=52133
Brendan Shanks bshanks@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Fixed by SHA1| |859f9daada0292a2ce69e530242 | |4905f3b1e335d Status|UNCONFIRMED |RESOLVED
--- Comment #5 from Brendan Shanks bshanks@codeweavers.com --- Thanks Hans, this is resolved by 859f9daada0292a2ce69e5302424905f3b1e335d and d13ec212c3311f671d4519f4d81833635f12505d. WinHttpDetectAutoProxyConfigUrl() now returns instantly on macOS.
https://bugs.winehq.org/show_bug.cgi?id=52133
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 6.23.
-
WineHQ Bugzilla