<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>I think your check should also accept uppercase ASCII letters.
Anyway, similar check is already done in check_names, which is
there to skip names containing underscore with older libidn2
versions. I guess it could return 2 also in case ascii-only
characters were detected, instead of checking the name again in
another loop.</p>
<p>Attached alternative change, which would process only names not
only ascii names. Changes check_names to return 2 when IDN should
be used. Printing ascii names should be safe, even when they
contain characters not allowed by hostnames. Such as _, +, = or
whatever garbage is present. As long as it is readable in logs, it
should not matter.</p>
<p>How many lines does your dnsmasq.blacklist.txt contain? Those
differences are significant. Maybe bug should be filled on
libidn2. Conversion from ascii-only name to ascii name should not
take too long even if it was called.<br>
</p>
<div class="moz-cite-prefix">On 9/6/21 3:27 PM, Gustaf Ullberg
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+mbUiyHkc2aMZ32ETxhZzWy+7EbgFbouAiS0ohq=_DXSdNe5Q@mail.gmail.com">
<div dir="ltr">Hi Simon and dnsmasq contributors,<br>
<br>
I am running dnsmasq with a blocklist from<br>
<a
href="https://github.com/notracking/hosts-blocklists/blob/master/dnsmasq/dnsmasq.blacklist.txt"
moz-do-not-send="true">https://github.com/notracking/hosts-blocklists/blob/master/dnsmasq/dnsmasq.blacklist.txt</a><br>
<br>
I have noticed that building dnsmasq with libidn2 support (which
my distro does) can cause extreme slowdowns. The slowdowns seem
to come from the call to idn2_to_ascii_lz in canonicalise()
being very slow.<br>
<br>
idn2_to_ascii_lz is run on every domain name in the blocklist to
encode special characters, and this is surprisingly slow even
when there are no special characters. I developed a patch
(attached to this email) that checks a domain name for other
characters than . - a-z 0-9. If any such character is found, the
domain name will be encoded. If no such character is found the
domain name will not be encoded (as encoding won't change it).
This removes most of the overhead of using libidn2. Unless you
find any problems with this approach, I wish the patch can be
mainlined.<br>
<br>
Some benchmarks on a Raspberry Pi (slow, but probably not an
uncommon device for running dnsmasq) running ArchLinux and
dnsmasq git master:<br>
<br>
# Without libidn2: Acceptable speed<br>
> make<br>
> time ./src/dnsmasq -C dnsmasq.blacklist.txt --test<br>
dnsmasq: syntax check OK.<br>
<br>
real 0m3.699s<br>
user 0m3.468s<br>
sys 0m0.200s<br>
<br>
<br>
<br>
# With libidn2: To slow to be usable<br>
> make COPTS="-DHAVE_LIBIDN2"<br>
> time ./src/dnsmasq -C dnsmasq.blacklist.txt --test<br>
dnsmasq: syntax check OK.<br>
<br>
real 1m6.921s<br>
user 0m59.509s<br>
sys 0m0.606s<br>
<br>
<br>
# With libidn2 and attached patch: Back to acceptable speed<br>
> git am 0001-Avoid-IDN-translations-when-not-needed.patch<br>
> make COPTS="-DHAVE_LIBIDN2"<br>
> time ./src/dnsmasq -C dnsmasq.blacklist.txt --test<br>
dnsmasq: syntax check OK.<br>
<br>
real 0m3.903s<br>
user 0m3.643s<br>
sys 0m0.219s<br>
<div><br>
</div>
<div>Best regards,</div>
<div>Gustaf</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Dnsmasq-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a>
<a class="moz-txt-link-freetext" href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a>
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Petr Menšík
Software Engineer
Red Hat, <a class="moz-txt-link-freetext" href="http://www.redhat.com/">http://www.redhat.com/</a>
email: <a class="moz-txt-link-abbreviated" href="mailto:pemensik@redhat.com">pemensik@redhat.com</a>
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB</pre>
</body>
</html>