-
Notifications
You must be signed in to change notification settings - Fork 757
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue211: support dns over https if local DNS is not working / available #476
Issue211: support dns over https if local DNS is not working / available #476
Conversation
- use the "DohResolver" from the dnsjava library to make DoH lookups - to enable and configure it, add two new properties * "enableDnsOverHttpResolves" (boolean) * "dnsOverHttpServer" URL to the DoH Server - as one use case for DoH is being located behind a firewall, also support using a proxy to access the DoH server; the proxy from the FetchHTTP bean is reused in that case Fixes internetarchive#211
Nice work! Two suggestions:
|
Ah, yes, I was afraid that setting the global properties will cause trouble that I have not anticipated. For concurrent jobs this will be indeed a problem. I will try to see if I can put it the other way around as suggested. Also ok for using a single An update to the PR will come as soon as I finished testing the changes, which might need a little time. |
- instead of "borrowing" the configured proxy from the fetchHttp bean, use proxy values defined via global options, to avoid interference with other jobs running in parallel (or at least make them explicit). The "fetchHttp" bean also uses these settings, if no bean specific settings are used. - remove the "enableDnsOverHttpResolves", and rely on a non-empty "dnsOverHttpServer" value to signal that DoH should be used.
Now with an update:
|
- scrap setter for "enableDnsOverHttpResolve", too
- docs: lets see if we can set a link to another chapter
Looks good. Thanks! |
As per comment: #211 (comment) and in the hope that this PR is considered "decent":
Add support for DNS-over-HTTPS lookups:
Alternatively one could have introduced separate properties for the proxy to be used for DoH; if this is the preferred approach instead of making the
FetchDNS
bean factory aware to load the proxy settings from theFetchHTTP
bean, please let me know so I can update the PR.