[Bug 1719062] Re: systemd-resolved malformed packet on cert dns lookup
Bryce Larson
1719062 at bugs.launchpad.net
Sun Sep 24 06:16:27 UTC 2017
I have upgraded to version 234-2ubuntu10. It doesn't make a difference.
I double checked and requested the key (cert record) using dig and it
works just fine, no malformed packet. It's only when gpg2 requests it
combined with systemd-resolved where there is a problem as far as I can
tell.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1719062
Title:
systemd-resolved malformed packet on cert dns lookup
Status in systemd package in Ubuntu:
New
Bug description:
systemd-resolved returns a malformed packet when looking up an openpgp
key (via a cert record rfc4398) from my internal authoritative dns
server.
The command I used was gpg2 -v --auto-key-locate=clear,cert,local
--locate-keys [Email Address]
This works correctly if I change /etc/resolv.conf symlink to point at
/run/systemd/resolve/resolv.conf so that it doesn't use the local
systemd-resolved resolver/cache instead of /run/resolvconf/resolv.conf
I'm including a wireshark capture of the malformed packet (filtered
for 127.0.0.53).
I noticed that this was over udp. If I recall correctly, cert records
are usually big enough that they require using tcp.
Description: Ubuntu Artful Aardvark (development branch)
Release: 17.10
systemd:
Installed: 233-8ubuntu3
Candidate: 233-8ubuntu3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1719062/+subscriptions
More information about the foundations-bugs
mailing list