Util implementation

hickory-dns · Sep 23, 2023 · 63d0a86 · 63d0a86
1 parent 2a62d48
commit 63d0a86
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 3 deletions.
diff --git a/util/Cargo.toml b/util/Cargo.toml
@@ -36,6 +36,8 @@ dns-over-https = ["trust-dns-proto/dns-over-https", "trust-dns-client/dns-over-h
 
 dns-over-quic = ["dns-over-rustls", "trust-dns-resolver/dns-over-quic"]
 
+dns-over-h3 = ["dns-over-rustls", "trust-dns-resolver/dns-over-h3"]
+
 webpki-roots = ["dep:webpki-roots", "trust-dns-proto/webpki-roots", "trust-dns-client/webpki-roots", "trust-dns-resolver/webpki-roots"]
 native-certs = ["dep:rustls-native-certs", "trust-dns-proto/native-certs", "trust-dns-client/native-certs", "trust-dns-resolver/native-certs"]
 

diff --git a/util/src/dns.rs b/util/src/dns.rs
@@ -63,12 +63,12 @@ struct Opts {
     #[clap(short = 't', long, required_if_eq_any = [("protocol", "tls"), ("protocol", "https"), ("protocol", "quic")])]
     tls_dns_name: Option<String>,
 
-    /// For TLS, HTTPS, and QUIC a custom ALPN code can be supplied
+    /// For TLS, HTTPS, QUIC and H3 a custom ALPN code can be supplied
     ///  
-    /// Defaults: none for TLS (`dot` has been suggested), `h2` for HTTPS, and `doq` for QUIC
+    /// Defaults: none for TLS (`dot` has been suggested), `h2` for HTTPS, `doq` for QUIC, and `h3` for H3
     #[clap(short = 'a',
         long,
-        default_value_ifs = [("protocol", "tls", None), ("protocol", "https", Some("h2")), ("protocol", "quic", Some("doq"))]
+        default_value_ifs = [("protocol", "tls", None), ("protocol", "https", Some("h2")), ("protocol", "quic", Some("doq")), ("protocol", "h3", Some("h3"))]
     )]
     alpn: Option<String>,
 
@@ -114,6 +114,7 @@ enum Protocol {
     Tls,
     Https,
     Quic,
+    H3,
 }
 
 #[derive(Debug, Subcommand)]
@@ -238,6 +239,7 @@ pub async fn main() -> Result<(), Box<dyn std::error::Error>> {
         Protocol::Tls => tls(opts).await?,
         Protocol::Https => https(opts).await?,
         Protocol::Quic => quic(opts).await?,
+        Protocol::H3 => h3(opts).await?,
     };
 
     Ok(())
@@ -380,6 +382,42 @@ async fn quic(opts: Opts) -> Result<(), Box<dyn std::error::Error>> {
     Ok(())
 }
 
+#[cfg(not(feature = "dns-over-h3"))]
+async fn h3(_opts: Opts) -> Result<(), Box<dyn std::error::Error>> {
+    panic!("`dns-over-h3` feature is required during compilation");
+}
+
+#[cfg(feature = "dns-over-h3")]
+async fn h3(opts: Opts) -> Result<(), Box<dyn std::error::Error>> {
+    use trust_dns_proto::h3::{self, H3ClientStream};
+
+    let nameserver = opts.nameserver;
+    let alpn = opts
+        .alpn
+        .map(String::into_bytes)
+        .expect("ALPN is required for H3");
+    let dns_name = opts
+        .tls_dns_name
+        .expect("tls_dns_name is required H3 connections");
+    println!("; using h3:{nameserver} dns_name:{dns_name}");
+
+    let mut config = h3::client_config_tls13()?;
+    if opts.do_not_verify_nameserver_cert {
+        self::do_not_verify_nameserver_cert(&mut config);
+    }
+    config.alpn_protocols.push(alpn);
+
+    let mut h3_builder = H3ClientStream::builder();
+    h3_builder.crypto_config(config);
+    let (client, bg) = AsyncClient::connect(h3_builder.build(nameserver, dns_name)).await?;
+
+    let handle = tokio::spawn(bg);
+    handle_request(opts.class, opts.zone, opts.command, client).await?;
+    drop(handle);
+
+    Ok(())
+}
+
 async fn handle_request(
     class: DNSClass,
     zone: Option<Name>,