[Bug 1766969] Re: DNS cannot be resolved in Hotel Hotspot

Thu Apr 26 04:56:11 UTC 2018

Can confirm that the dns logs indicate that systemd-resolved is not
falling back from UDP+EDNS0 to UDP in response to these NXDOMAIN
answers.

The existing patch only implements this fallback when the portal name
being looked up includes 'secure' as a substring:

+                if (DNS_PACKET_RCODE(p) == DNS_RCODE_NXDOMAIN && t->current_feature_level >= DNS_SERVER_FEATURE_LEVEL_EDNS0) {
+
+                        char key_str[DNS_RESOURCE_KEY_STRING_MAX];
+                        dns_resource_key_to_string(t->key, key_str, sizeof key_str);
+                        if (strstr(key_str, "secure") != NULL) {
+                                t->current_feature_level = t->current_feature_level - 1;
+
+                                log_warning("Server returned error %s, suspecting DNS violation DVE-2018-0001, retrying transaction with reduced feature level %s.",

The packet capture shows a number of DNS lookups, but not containing the
substring 'secure'; and none that appear to correspond to the captive
portal itself.  This may require a different sort of solution than the
previous bug, I'm not sure.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1766969

Title:
  DNS cannot be resolved in Hotel Hotspot

Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  I was asked to create a new bug for this in
  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1727237 as it
  seems to be a different issue.

  I have installed the nightly image of Kubuntu Bionic from 25th of
  April.

  There systemd is in version 237-3ubuntu10.

  When connecting to the wifi hotspot in my hotel (Quality Hotel
  Augsburg) I cannot open the hotspot landing page that should give me
  access to the WIFI. With Windows and on an Iphone it's working.

  For the following distributions I can confirm it not working:
  Kubuntu 17.10
  Kubuntu 18.04 (nightly image 25th of April 2018)

  The logs were taken on 18.04.

  Workaround:
  sudo systemctl disable systemd-resolved.service
  sudo service systemd-resolved stop
  sudo rm /etc/resolv.conf
  sudo nano /etc/NetworkManager/NetworkManager.conf
    >> add "dns=default" under [main]
  sudo service network-manager restart

  Then I can connect to the WIFI and I see the login page in Firefox.

  To capture some data I did the following:
   - connect to Hotspot
   - enter golem.de

  Case 1: Fresh default Kubuntu install
  With a default Kubuntu install it does not work. I can connect to the WIFI and get IP and DNS from DHCP but I cannot resolve any hostname. When trying  to open the router ip directly in the browser it forwards to hotsplots.de which cannot be resolved.

  Case 2: With aforementioned Workaround
  I connect to the wifi, I open firefox and the login page shows up (if I havent been connected yet. In the capture I already was able to connect to the hotspot which allows immediately to connect to the webpage)

  PS: I'll be in this hotel till Friday 27th if more information are
  required.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1766969/+subscriptions