- Inherit most SSL options for the doh handle but not SSL client certs,
SSL engine, SSL version, SSL ciphers, SSL id cache setting,
SSL kerberos or SSL gss-api settings.
My thinking for the options not inherited is they are most likely not
intended by the user for the DOH transfer. I did inherit insecure
because I think that should still be in control of the user.
Prior to this change doh did not work for me because CAINFO was not
inherited. Also verbose was set always which AFAICT was a bug (curl#3660).
I did this
curl --doh-url https://22.214.171.124/dns-query ipinfo.io/126.96.36.199
I expected the following
I expected non-verbose output. This gives me what I expect
curl --doh-url https://188.8.131.52/dns-query ipinfo.io/184.108.40.206 2>/dev/null
curl 7.64.1-DEV (x86_64-apple-darwin18.2.0) libcurl/7.64.1-DEV SecureTransport zlib/1.2.11 libidn2/2.1.1 librtmp/2.3 Release-Date: [unreleased] Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp Features: AsynchDNS IDN IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets
macOS Mojave 10.14.3 (18D109)
The text was updated successfully, but these errors were encountered: