make CoreDNS DoH Server #1619
Merged
make CoreDNS DoH Server #1619
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## master #1619 +/- ##
=========================================
- Coverage 53.44% 52.55% -0.9%
=========================================
Files 186 191 +5
Lines 9392 9590 +198
=========================================
+ Hits 5020 5040 +20
- Misses 3989 4164 +175
- Partials 383 386 +3
Continue to review full report at Codecov.
|
Member
Author
|
Also need a way to for http/2 and the forward and maybe proxy plugin should start speaking it. |
chantra
reviewed
Mar 18, 2018
core/dnsserver/doh/https.go
Outdated
| // MimeType is the DoH mimetype that should be used. | ||
| const MimeType = "application/dns-udpwireformat" | ||
|
|
||
| // RequestToMsg extra the dns message from the request body. |
core/dnsserver/doh/https.go
Outdated
|
|
||
| buf, err := ioutil.ReadAll(req.Body) | ||
| if err != nil { | ||
| return nil, nil |
Contributor
There was a problem hiding this comment.
shouldn't this return the error?
core/dnsserver/server_https.go
Outdated
| } | ||
|
|
||
| w.Header().Set("Content-Type", doh.MimeType) | ||
| w.Header().Set("Cache-Control", "max-age=0") |
Contributor
There was a problem hiding this comment.
maybe a FIXME to implement cache-control later?
core/dnsserver/doh/https.go
Outdated
| const MimeType = "application/dns-udpwireformat" | ||
|
|
||
| // RequestToMsg extra the dns message from the request body. | ||
| func RequestToMsg(req *http.Request) (*dns.Msg, error) { |
Contributor
There was a problem hiding this comment.
note that this only handle POST.
For GET use case, the content-type should be taken from the query parameter ct and the dns payload will be base64safeurl encoded (with trailing = removed) in the dns query parameter. Maybe worth a FIXME/TODO comment.
Member
Author
|
@chantra thanks for reviewing. yes error handling needs to be done - the draft is also light on this. I'll fix things after -04 is released. |
Member
Author
|
@chantra PTAL, address all comments and implemented -08 of the draft. |
Member
Author
|
/cc @johnbelamaric |
johnbelamaric
requested changes
May 21, 2018
Member
johnbelamaric
left a comment
There was a problem hiding this comment.
minor issues, looks good
core/dnsserver/https.go
Outdated
| return nil, fmt.Errorf("no 'dns' query parameter found") | ||
| } | ||
| if len(b64) != 1 { | ||
| return nil, fmt.Errorf("multipe 'dns' query values found") |
core/dnsserver/server-https.go
Outdated
| buf, _ := dw.Msg.Pack() | ||
|
|
||
| w.Header().Set("Content-Type", mimeTypeDOH) | ||
| w.Header().Set("Cache-Control", "max-age=128") // Minttl as done in cache. |
Member
Author
There was a problem hiding this comment.
proper bug filed: #1823
The draft is still debating the exact requirements here, but it is clear what needs to be done. Left TODO with issue number.
johnbelamaric
approved these changes
May 21, 2018
Contributor
|
Great stuff! |
miekg
added a commit
that referenced
this pull request
May 23, 2018
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
miekg
added a commit
that referenced
this pull request
May 23, 2018
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
chrisohaver
pushed a commit
that referenced
this pull request
May 23, 2018
The DoH work (#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes #1826
Jason-ZW
pushed a commit
to rancher/coredns
that referenced
this pull request
Apr 17, 2019
* WIP: make CoreDNS DoH Server * It works * Fix tests * Review from Tom - on diff. PR * correct mime type * Cleanups and use the pkg/nonwriter * rename and updates * implement get * implement GET * Code review comments * correct context * tweaks * code review
Jason-ZW
pushed a commit
to rancher/coredns
that referenced
this pull request
Apr 17, 2019
The DoH work (coredns#1619) made changes to pkg/nonwriter.Writer that in hindsight were not backwards compatible; it added override for the LocalAddr() and RemoteAddr(). Instead of rolling back that PR, this PR reverts those changes and creates a DoHWriter for use in the https-server.go side of things. This was only caught in the integration test making this hard to catch, so we add a upstream_file_test.go that tries (doesn't work yet) to test this in the unit tests as well. Esp. helpful when 'git bisecting'. Fixes coredns#1826
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
1. What does this pull request do?
Add experimental DoH support.
2. Which issues (if any) are related?
3. Which documentation changes (if any) need to be made?