make CoreDNS DoH Server #1619
Codecov Report
@@ Coverage Diff @@
## master #1619 +/- ##
=========================================
- Coverage 53.44% 52.55% -0.9%
=========================================
Files 186 191 +5
Lines 9392 9590 +198
=========================================
+ Hits 5020 5040 +20
- Misses 3989 4164 +175
- Partials 383 386 +3
Also need a way to for http/2 and the forward and maybe proxy plugin should start speaking it.
Nice!
// MimeType is the DoH mimetype that should be used. | ||
const MimeType = "application/dns-udpwireformat" | ||
|
||
// RequestToMsg extra the dns message from the request body. |
chantra
Mar 18, 2018
Contributor
typo: s/extra/extract/
|
||
buf, err := ioutil.ReadAll(req.Body) | ||
if err != nil { | ||
return nil, nil |
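Review bot: the `ioutil.ReadAll(req.Body)` call reads the whole request body with no upper bound, so one large POST is buffered in memory before any DNS parsing. Suggest wrapping the body in a size-limited reader capped at the maximum DNS message size (65535 bytes) and rejecting anything larger.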
chantra
Mar 18, 2018
Contributor
shouldn't this return the error?
} | ||
|
||
w.Header().Set("Content-Type", doh.MimeType) | ||
w.Header().Set("Cache-Control", "max-age=0") |
chantra
Mar 18, 2018
Contributor
maybe a FIXME to implement cache-control later?
const MimeType = "application/dns-udpwireformat" | ||
|
||
// RequestToMsg extra the dns message from the request body. | ||
func RequestToMsg(req *http.Request) (*dns.Msg, error) { |
chantra
Mar 18, 2018
Contributor
Note that this only handles POST.
For the GET use case, the content-type should be taken from the query parameter ct and the dns payload will be base64safeurl encoded (with trailing = removed) in the dns
query parameter. Maybe worth a FIXME/TODO comment.
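The POST and GET handling described in this comment, as an added Go example that is not code from the PR or from CoreDNS: it returns the raw DNS wire bytes, bounds the POST body and returns read and decode errors instead of swallowing them. `wireFromRequest`, `newReq`, the 65535-byte cap, treating `ct` as optional and the `doh.example` host are assumptions, and the sample query is constructed.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"fmt"
	"io"
	"net/http"
)

const mimeType, maxMsg = "application/dns-udpwireformat", 65535 // type from the PR; assumed size cap
// Constructed sample: a query for "example.com. IN A" and its GET form.
var sampleQuery = []byte("\x00\x00\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\x01\x00\x01")
var sampleGET = "https://doh.example/dns-query?dns=" + base64.RawURLEncoding.EncodeToString(sampleQuery)

func newReq(method, url, ctype string, body []byte) *http.Request { // hypothetical demo helper
	r, _ := http.NewRequest(method, url, bytes.NewReader(body))
	r.Header.Set("Content-Type", ctype)
	return r
}

// wireFromRequest returns the raw DNS message carried by a DoH POST or GET.
func wireFromRequest(req *http.Request) (buf []byte, err error) {
	switch req.Method {
	case http.MethodPost:
		if req.Header.Get("Content-Type") != mimeType {
			return nil, fmt.Errorf("unsupported Content-Type")
		}
		buf, err = io.ReadAll(io.LimitReader(req.Body, maxMsg+1)) // bounded read
	case http.MethodGet:
		q := req.URL.Query()
		if ct := q.Get("ct"); len(q["dns"]) != 1 || (ct != "" && ct != mimeType) {
			return nil, fmt.Errorf("want exactly one 'dns' value and a supported 'ct'")
		}
		buf, err = base64.RawURLEncoding.DecodeString(q["dns"][0]) // URL-safe, no '=' padding
	default:
		return nil, fmt.Errorf("method %s not allowed", req.Method)
	}
	if err != nil {
		return nil, err // read and decode errors are returned to the caller
	}
	if len(buf) < 12 || len(buf) > maxMsg {
		return nil, fmt.Errorf("DNS message size %d out of range", len(buf))
	}
	return buf, nil
}

func main() {
	fmt.Println(wireFromRequest(newReq("GET", sampleGET, "", nil)))
}
```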
@chantra thanks for reviewing. Yes, error handling needs to be done - the draft is also light on this. I'll fix things after -04 is released.
@chantra PTAL, addressed all comments and implemented -08 of the draft.
/cc @johnbelamaric
minor issues, looks good
return nil, fmt.Errorf("no 'dns' query parameter found") | ||
} | ||
if len(b64) != 1 { | ||
return nil, fmt.Errorf("multipe 'dns' query values found") |
johnbelamaric
May 21, 2018
Member
nit: s/multipe/multiple/
miekg
May 21, 2018
Author
Member
done
buf, _ := dw.Msg.Pack() | ||
|
||
w.Header().Set("Content-Type", mimeTypeDOH) | ||
w.Header().Set("Cache-Control", "max-age=128") // Minttl as done in cache. |
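Review bot: the error from `dw.Msg.Pack()` is discarded at `buf, _ := dw.Msg.Pack()`, so a message that fails to pack still gets the DoH Content-Type and Cache-Control headers set for it. Suggest checking the error first and answering with an HTTP 500 instead of continuing with the response.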
johnbelamaric
May 21, 2018
Member
No control over this?
miekg
May 21, 2018
Author
Member
proper bug filed: #1823
The draft is still debating the exact requirements here, but it is clear what needs to be done. Left TODO with issue number.
Great stuff!
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added overrides for LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test, making this hard to catch, so we add an upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
* WIP: make CoreDNS DoH Server
* It works
* Fix tests
* Review from Tom - on diff. PR
* correct mime type
* Cleanups and use the pkg/nonwriter
* rename and updates
* implement get
* implement GET
* Code review comments
* correct context
* tweaks
* code review
1. What does this pull request do?
Add experimental DoH support.
2. Which issues (if any) are related?
3. Which documentation changes (if any) need to be made?