DNS leaks when using youtube-dl --proxy option?

The torify doc advises youtube-dl users to use --proxy socks5://127.0.0.1:9050/ (Tor) or --proxy socks5://127.0.0.1:9150/ (Tor Browser).

https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc

I seem to experience the following:

  1. youtube-dl --proxy socks://127.0.0.1:9050/ queries DNS in the clear.
  2. torsocks youtube-dl (without --proxy) queries DNS through Tor.

Note: I used socks:// not socks5:// as the torify doc advises. I have not yet tested with socks5://.

Quick testing with nftables logging/dropping DNS packets:

  • When I do 1. while logging DNS packets, I see DNS queries in my logs.
  • When I do 1. while dropping DNS packets, youtube-dl fails to resolve names.
  • When I do 2. while dropping DNS packets, youtube-dl works fine.

If DNS leaks are indeed happening as I believe, the issue may be a youtube-dl bug.

In this case, the torify docs should be edited to warn people about DNS leaks:

  • Advise using torsocks youtube-dl instead of --proxy OR
  • Add a warning

I would need to do further testing to confirm the details above, but I thought to start this issue so people know about the possibility.

Versions:

  • youtube-dl: 2020.09.20
  • torsocks: 2.3.0
  • tor: 0.4.4.5
Edited by Ghost User