DNSPort is broken on Alpine-Linux since 3.13
Tor DNSPort is not sufficiently subtle.
1 - If a domain name have a 'A' record and no 'AAAA', DNSPort return NXDomain for the 'AAAA' request and the IP for 'A'
2 - If a domain name have no 'A' record and a 'AAAA', DNSPort return NXDomain for the 'A' request and the IPv6 for 'AAAA'
There is a sementic problem with this binary logic. Domain exists in both 1 and 2 but there is no record for one request. So instead of returning NXDomain, it should return NODATA/NOERROR.
According to RFC8020, if there is NXDomain, there no need to search further. https://tools.ietf.org/html/rfc8020
That's what musl-libc do now.
In musl-libc, NXDomain act as a short circuit: musl-libc: https://git.musl-libc.org/cgit/musl/commit/src/network/lookup_name.c?id=5cf1ac2443ad0dba263559a3fe043d929e0e5c4c
« if nxdomain is seen it's assumed to apply to both queries since that's how dns semantics work. »
This change on musl-libc make DNSPort totally unusable on Alpine-Linux and every device linking with musl-libc and targeting DNSPort.
NXDomain should be reserved for non-existent domain.
dig using public resolver showing status: NOERROR
$ dig @8.8.8.8 amazon.com in AAAA
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;amazon.com. IN AAAAsame dig using DNSPort resolver showing status: NXDOMAIN
$ dig @192.168.0.1 -p 1053 amazon.com in AAAA
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20255
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;amazon.com. IN AAAA