1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[BUG] Shibby Tomato - dnscrypt custom startup paremeters

Discussion in 'Tomato Firmware' started by cryostasix, Feb 12, 2014.

  1. cryostasix

    cryostasix Reformed Router Member

    Sorry for the long post, but I saw the back log and the chaos of Shibby's bug tracker on the website and decided to make a forum post instead seeing as shibby goes around in the forum.

    I was messing around with the custom startup parameters because I did not want to use OpenDNS as my dnscrypt provider and discovered that any more than 1 argument causes issues, If I run the command manually it will run just fine. (This is one of the OpenNIC servers that supports dnscrypt-proxy)

    The extra arguments as specified in the custom startup arguments field:
    Code:
    --loglevel=99 --provider-key=2342:215C:409A:85A5:FB63:2A3B:42CD:5089:6BA8:551A:8BDC:2654:CF57:804F:B1B2:5019 --resolver-address=173.230.156.28 --provider-name=2.dnscrypt-cert.ns17.ca.us.dns.opennic.glue
    This is what I get when I hit save and wait for it to load once dnsmasq restarts:
    Code:
    Feb 12 15:49:15 unknown user.err syslog: Invalid max log level: [99 --provider-key=2342:215C:409A:85A5:FB63:2A3B:42CD:5089:6BA8:551A:8BDC:2654:CF57:804F:B1B2:5019 --resolver-address=173.230.156.28 --provider-name=2.dnscrypt-cert.ns17.ca.us.dns.opennic.glue]
    if I run the command manually
    cmd:
    Code:
    dnscrypt-proxy -d -a 127.0.0.1:40 --loglevel=99 --p
    rovider-key=2342:215C:409A:85A5:FB63:2A3B:42CD:5089:6BA8:551A:8BDC:2654:CF57:804
    F:B1B2:5019 --resolver-address=173.230.156.28 --provider-name=2.dnscrypt-cert.ns
    17.ca.us.dns.opennic.glue
    result:
    Code:
    Feb 12 15:59:40 unknown daemon.info dnscrypt-proxy[4429]: Initializing libsodium for optimal performance
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: Generating a new key pair
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: Done
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: Server certificate #808464433 received
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: This certificate looks valid
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: Chosen certificate #808464433 is valid from [2014-01-16] to [2015-01-16]
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: Server key fingerprint is 273D:4CD7:1BB3:391C:B4A6:4366:4629:C2E1:93B0:32EE:35FA:A45A:42F4:BB63:143B:0D39
    Feb 12 15:59:46 unknown daemon.info dnscrypt-proxy[4429]: Proxying from 127.0.0.1:40 to 173.230.156.28:443
    I investigated and found the offending code, due to how shutils.h generates the arguments for _eval with the variadic macro. This causes dnscrypt-proxy to parse it as one parameter when it is clearing multiple parameters. I'm not very familiar with tomato or router firmware architecture nor the code style of the project. I was thinking of just strtok'ing the data into an array and calling _eval directly to avoid the varadic macro.
     
  2. lancethepants

    lancethepants Network Guru Member

    Nice you found the offending code, you're not the first to post about this.
     
  3. cryostasix

    cryostasix Reformed Router Member

    I have never compiled Tomato before. If it would be easier for me to create a patch and submit it I will. Is there anything complicated I need to know about when compiling the source tree?
     
  4. Porter

    Porter LI Guru Member

  5. YeOldHinnerk

    YeOldHinnerk Serious Server Member

    Any news on this? I would also like to use openNIC...
     

Share This Page