OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
  • Task Type Bug Report
  • Category Packages
  • Assigned To No-one
  • Operating System All
  • Severity Medium
  • Priority Very Low
  • Reported Version openwrt-19.07
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Damian Nowak - 22.09.2020

FS#3356 - https-dns-proxy: Luci interface breaks the configuration if a custom server is used

When you edit `/etc/config/https-dns-proxy` and set a custom server, not known to Luci HTML interface, the Luci UI at /cgi-bin/luci/admin/services/https-dns-proxy will display “CIRA Canadian Shield (Family)” as the selected resolver. This, by itself is not a problem yet, as the Proxy will function as expected.

However, the moment one makes any changes in the UI, e.g. changing listen port, `/etc/config/https-dns-proxy` will get rewritten and an actual resolver for CIRA Canadian Shield (Family) will be used.

Luci interface for HTTPS DNS Proxy should:

1. Bare minimum: indicate a custom resolver is used, and not lose the resolver after making changes to listen port and other stuff.
1. Nice to have: Allow a user to define a custom resolver in the UI - by specifying `resolver_url`, `bootstrap_dns`, `user` and `group` properties

The problem applies on any device as it’s not device-specific.

Reproduction instruction:

1. Edit `/etc/config/https-dns-proxy` and make it look like this:

config main ‘config’

      option update_dnsmasq_config '-'

config https-dns-proxy

      option listen_addr ''
      option listen_port '5054'
      option user 'nobody'
      option group 'nogroup'
      option bootstrap_dns ',,2606:4700:4700::1111,2606:4700:4700::1001'
      option resolver_url ''

2. Go to and observe “CIRA Canadian Shield (Family)” as the selected resolver.
3. Change listen port and click Save & Apply.
4. Observe `/etc/config/https-dns-proxy` lose `resolver_url` setting.


Available keyboard shortcuts


Task Details

Task Editing