make CoreDNS DoH Server #1619
Merged
make CoreDNS DoH Server #1619
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1619 +/- ##
=========================================
- Coverage 53.44% 52.55% -0.9%
=========================================
Files 186 191 +5
Lines 9392 9590 +198
=========================================
+ Hits 5020 5040 +20
- Misses 3989 4164 +175
- Partials 383 386 +3
Continue to review full report at Codecov.
|
|
Also need a way to for http/2 and the forward and maybe proxy plugin should start speaking it. |
|
Nice! |
core/dnsserver/doh/https.go
Outdated
| // MimeType is the DoH mimetype that should be used. | ||
| const MimeType = "application/dns-udpwireformat" | ||
|
|
||
| // RequestToMsg extra the dns message from the request body. |
chantra
Mar 18, 2018
Contributor
typo: s/extra/extract/
typo: s/extra/extract/
core/dnsserver/doh/https.go
Outdated
|
|
||
| buf, err := ioutil.ReadAll(req.Body) | ||
| if err != nil { | ||
| return nil, nil |
chantra
Mar 18, 2018
Contributor
shouldn't this return the error?
shouldn't this return the error?
core/dnsserver/server_https.go
Outdated
| } | ||
|
|
||
| w.Header().Set("Content-Type", doh.MimeType) | ||
| w.Header().Set("Cache-Control", "max-age=0") |
chantra
Mar 18, 2018
Contributor
maybe a FIXME to implement cache-control later?
maybe a FIXME to implement cache-control later?
core/dnsserver/doh/https.go
Outdated
| const MimeType = "application/dns-udpwireformat" | ||
|
|
||
| // RequestToMsg extra the dns message from the request body. | ||
| func RequestToMsg(req *http.Request) (*dns.Msg, error) { |
chantra
Mar 18, 2018
Contributor
note that this only handle POST.
For GET use case, the content-type should be taken from the query parameter ct and the dns payload will be base64safeurl encoded (with trailing = removed) in the dns query parameter. Maybe worth a FIXME/TODO comment.
note that this only handle POST.
For GET use case, the content-type should be taken from the query parameter ct and the dns payload will be base64safeurl encoded (with trailing = removed) in the dns query parameter. Maybe worth a FIXME/TODO comment.
|
@chantra thanks for reviewing. yes error handling needs to be done - the draft is also light on this. I'll fix things after -04 is released. |
|
@chantra PTAL, address all comments and implemented -08 of the draft. |
|
/cc @johnbelamaric |
|
minor issues, looks good |
core/dnsserver/https.go
Outdated
| return nil, fmt.Errorf("no 'dns' query parameter found") | ||
| } | ||
| if len(b64) != 1 { | ||
| return nil, fmt.Errorf("multipe 'dns' query values found") |
johnbelamaric
May 21, 2018
Member
nit: s/multipe/multiple/
nit: s/multipe/multiple/
miekg
May 21, 2018
Author
Member
doine
doine
core/dnsserver/server-https.go
Outdated
| buf, _ := dw.Msg.Pack() | ||
|
|
||
| w.Header().Set("Content-Type", mimeTypeDOH) | ||
| w.Header().Set("Cache-Control", "max-age=128") // Minttl as done in cache. |
johnbelamaric
May 21, 2018
Member
No control over this?
No control over this?
miekg
May 21, 2018
Author
Member
proper bug filed: #1823
The draft is still debating the exact requirements here, but it is clear what needs to be done. Left TODO with issue number.
proper bug filed: #1823
The draft is still debating the exact requirements here, but it is clear what needs to be done. Left TODO with issue number.
|
Great stuff! |
miekg
added a commit
that referenced
this pull request
May 23, 2018
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
miekg
added a commit
that referenced
this pull request
May 23, 2018
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
chrisohaver
added a commit
that referenced
this pull request
May 23, 2018
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
Jason-ZW
added a commit
to rancher/coredns
that referenced
this pull request
Apr 17, 2019
* WIP: make CoreDNS DoH Server * It works * Fix tests * Review from Tom - on diff. PR * correct mime type * Cleanups and use the pkg/nonwriter * rename and updates * implement get * implement GET * Code review comments * correct context * tweaks * code review
Jason-ZW
added a commit
to rancher/coredns
that referenced
this pull request
Apr 17, 2019
The DoH work (coredns#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes coredns#1826
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
1. What does this pull request do?
Add experimental DoH support.
2. Which issues (if any) are related?
3. Which documentation changes (if any) need to be made?