FS#57654 : [dnscrypt-wrapper] Only presenting latest key; bug fixed in upstream

FS#57654 - [dnscrypt-wrapper] Only presenting latest key; bug fixed in upstream

Attached to Project: Community Packages
Opened by Tony (raidenii) - Monday, 26 February 2018, 21:35 GMT
Last edited by Felix Yan (felixonmars) - Tuesday, 27 February 2018, 15:12 GMT

Task Type	Bug Report
Category	Upstream Bugs
Status	Closed
Assigned To	Felix Yan (felixonmars)
Architecture	x86_64
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:

dnscrpypt-wrapper 0.4.0 has a serious bug, which presents only the latest key when two keys are specified in the configuration. This breaks the seamless key rotation mechanism, where clients only uses the latest key and dnscrypt-wrapper considered the queries are unauthenticated. Details about this bug can be found at https://github.com/cofyc/dnscrypt-wrapper/issues/139. An upstream fix was merged into master branch as of commit fb61224.

Additional info:
* package version(s)
* config and/or log files etc.

Steps to reproduce:

1. Set two keys and certs in the configuration.
2. Previously connected client will fail to authenticate.

This task depends upon

Closed by Felix Yan (felixonmars)
Tuesday, 27 February 2018, 15:12 GMT
Reason for closing: Fixed
Additional comments about closing: 0.4.1-1

Comment by Felix Yan (felixonmars) - Tuesday, 27 February 2018, 09:38 GMT

Please try again with 0.4.1-1.

Comment by Tony (raidenii) - Tuesday, 27 February 2018, 14:45 GMT

Thanks, it is working now.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#57654 - [dnscrypt-wrapper] Only presenting latest key; bug fixed in upstream

Details

Loading...