You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
dnsdist should set the HTTP server header to h2o/dnsdist by default (as per documentation)
dnsdist should set the HTTP server header to the value provided in the serverTokens option (no matter which URL the client requested)
dnsdist should not send multiple HTTP server header
Actual behaviour
dnsdist ignores the serverTokens option complete when answering HTTP requests that are not valid DoH requests
dnsdist sends multiple HTTP server header when the request is a valid DoH request and the configuration contains the serverTokens option
The text was updated successfully, but these errors were encountered:
appliedprivacy
changed the title
DoH: bugs in handling of serverTokens: duplicate server header and ignored setting
DoH serverTokens: duplicate server header and ignored setting
Jun 7, 2019
Thank you for reporting this!
The a/ issue is clearly an oversight on my part, I guess we could make sure that we route all queries by registering "/".
The b/ and c/ issues depend on the version of libh2o, as it seems that some versions allow overriding the "Server" header and some don't. I'll investigate.
Short description
There are actually 3 issues but since they are closely related we'll document them in one go:
a) ignored serverTokens value
Setting the serverTokens option via
addDOHLocal( ..., "/query", { serverTokens='abc'})
has no effect on the HTTP
server
header field for HTTP requests not going to/query
.b) duplicate HTTP
server
headerSetting the serverTokens option via
addDOHLocal( ..., "/query", { serverTokens='abc'})
causes the server to send multiple HTTP
server
headers:when the client issued a valid DoH request.
c) documentation issue
The documentation says the default value for serverTokens is
h2o/dnsdist
but it is actually
h2o/<h2oversion>
currently that ish2o/2.2.5
Environment
Steps to reproduce
a)
curl -si https://doh.appliedprivacy.net
b)
curl -si "https://doh.appliedprivacy.net/query?dns=l1sBAAABAAAAAAAAA3d3dw1rbm90LXJlc29sdmVyAmN6AAAcAAE"
c)
https://dnsdist.org/reference/config.html#addDOHLocal
Expected behaviour
server
header toh2o/dnsdist
by default (as per documentation)server
header to the value provided in theserverTokens
option (no matter which URL the client requested)server
headerActual behaviour
serverTokens
option complete when answering HTTP requests that are not valid DoH requestsserver
header when the request is a valid DoH request and the configuration contains theserverTokens
optionThe text was updated successfully, but these errors were encountered: