Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sdig: allow cleartext DoH to work when dnsdist is using nghttp2 as lib #14106

Open
omoerbeek opened this issue Apr 25, 2024 · 1 comment
Open

sdig: allow cleartext DoH to work when dnsdist is using nghttp2 as lib #14106

omoerbeek opened this issue Apr 25, 2024 · 1 comment
Labels
feature request tools

Comments

@omoerbeek
Copy link
Member

omoerbeek commented Apr 25, 2024
edited by rgacogne

When dnsdist uses nghttp2 as a http(s) lib, it does not accept HTTP/1. This has the consequence that when dnsdist is configured to use clear-text incoming DoH sdig cannot query it, as defaults to use ALPN, which does not work. Remedy is to set:

curl_easy_setopt(getCURLPtr(d_curl), CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE);

in minicurl.cc. It remains to be decided if that should be an option to sdig or if we should set that always (which would break HTTP/1 DoH connections, but those are fishy anyway).
@rgacogne rgacogne changed the title sdig: allow cleartext DoH to work when dnsdist is using nginx2 as lib sdig: allow cleartext DoH to work when dnsdist is using nghttp2 as lib Apr 25, 2024
@Habbie
Copy link
Member

Habbie commented Apr 30, 2024

sdig is not the only user of minicurl - LUA records ifurlup and friends rely on it as well, and maybe rec zoneToCache too? we need to make sure we don't break any of those

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request tools
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Habbie @omoerbeek