git » dnss » commit a49786f

DoH: Support -07 version of the draft

author Alberto Bertogli
2018-04-15 14:00:47 UTC
committer Alberto Bertogli
2018-04-15 14:29:21 UTC
parent 44cac85169625da028258434d90e52a0b3302ba4

DoH: Support -07 version of the draft

The main change since -05 is the change of media type from
"application/dns-udpwireformat" to "application/dns-message".

This is a backwards-incompatible change.

The diff between -05 and -07 can be seen here:
https://www.ietf.org/rfcdiff?url1=draft-ietf-doh-dns-over-https-05&url2=draft-ietf-doh-dns-over-https-07

internal/httpresolver/resolver.go +3 -3
internal/httpserver/server.go +5 -5

diff --git a/internal/httpresolver/resolver.go b/internal/httpresolver/resolver.go
index 426a6c0..fd805c3 100644
--- a/internal/httpresolver/resolver.go
+++ b/internal/httpresolver/resolver.go
@@ -25,7 +25,7 @@ import (
 // server via DNS over HTTPS.
 //
 // It supports two modes: JSON (like https://dns.google.com) and DoH
-// (https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-05).
+// (https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-07).
 type httpsResolver struct {
 	Upstream *url.URL
 	CAFile   string
@@ -123,7 +123,7 @@ func (r *httpsResolver) queryDoH(req *dns.Msg, tr trace.Trace) (*dns.Msg, error)
 
 	hr, err := r.client.Post(
 		r.Upstream.String(),
-		"application/dns-udpwireformat",
+		"application/dns-message",
 		bytes.NewReader(packed))
 	if err != nil {
 		return nil, fmt.Errorf("POST failed: %v", err)
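Review bot: The media type `"application/dns-message"` is written as a bare string literal here in the `Post` call, again in the response check in the next hunk, and twice more in server.go (the POST request check and the `Content-type` response header). A typo in any one copy would make the client and server silently disagree, and the next draft revision means another four-site edit. I would declare it once per package, for example `const dohMediaType = "application/dns-message"`, with a comment naming the draft revision it comes from, and use that constant at each site. queryDoH starts and ends outside this hunk.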
@@ -141,7 +141,7 @@ func (r *httpsResolver) queryDoH(req *dns.Msg, tr trace.Trace) (*dns.Msg, error)
 		return nil, fmt.Errorf("failed to parse content type: %v", err)
 	}
 
-	if ct != "application/dns-udpwireformat" {
+	if ct != "application/dns-message" {
 		return nil, fmt.Errorf("unknown response content type %q", ct)
 	}
 
diff --git a/internal/httpserver/server.go b/internal/httpserver/server.go
index ce92bef..78c121c 100644
--- a/internal/httpserver/server.go
+++ b/internal/httpserver/server.go
@@ -7,7 +7,7 @@
 //    This is also implemented by Cloudflare's 1.1.1.1, as documented in:
 //    https://developers.cloudflare.com/1.1.1.1/dns-over-https/json-format/.
 //  - DNS Queries over HTTPS (DoH), as specified in:
-//    https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-05.
+//    https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-07.
 package httpserver
 
 import (
@@ -76,7 +76,7 @@ func (s *Server) Resolve(w http.ResponseWriter, req *http.Request) {
 
 	// Identify DoH requests:
 	//  - GET requests have a "dns=" query parameter.
-	//  - POST requests have a content-type = application/dns-udpwireformat.
+	//  - POST requests have a content-type = application/dns-message.
 	if req.Method == "GET" && req.FormValue("dns") != "" {
 		tr.LazyPrintf("DoH:GET")
 		dnsQuery, err := base64.RawURLEncoding.DecodeString(
@@ -99,7 +99,7 @@ func (s *Server) Resolve(w http.ResponseWriter, req *http.Request) {
 			return
 		}
 
-		if ct == "application/dns-udpwireformat" {
+		if ct == "application/dns-message" {
 			tr.LazyPrintf("DoH:POST")
 			// Limit the size of request to 4k.
 			dnsQuery, err := ioutil.ReadAll(io.LimitReader(req.Body, 4092))
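Review bot: The size limit on the POST path truncates instead of rejecting, because `io.LimitReader(req.Body, 4092)` returns the first 4092 bytes of a larger body without any error. An oversized request from an untrusted client is therefore presumably passed on as a cut-off DNS message rather than refused; what happens to `dnsQuery` afterwards lies outside the hunk. The value 4092 also does not match the "4k" in the comment above it. Using `dnsQuery, err := ioutil.ReadAll(http.MaxBytesReader(w, req.Body, 4096))` makes the read fail on overflow, so the handler can answer with `http.StatusRequestEntityTooLarge`.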
@@ -326,7 +326,7 @@ func stringToBool(s string) (bool, error) {
 }
 
 // Resolve DNS over HTTPS requests, as specified in
-// https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-05.
+// https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-07.
 func (s *Server) resolveDoH(tr trace.Trace, w http.ResponseWriter, dnsQuery []byte) {
 	r := &dns.Msg{}
 	err := r.Unpack(dnsQuery)
@@ -362,7 +362,7 @@ func (s *Server) resolveDoH(tr trace.Trace, w http.ResponseWriter, dnsQuery []by
 	}
 
 	// Write the response back.
-	w.Header().Set("Content-type", "application/dns-udpwireformat")
+	w.Header().Set("Content-type", "application/dns-message")
 	// TODO: set cache-control based on the response.
 	w.WriteHeader(http.StatusOK)
 	w.Write(packed)
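Review bot: The result of `w.Write(packed)` on the last line is discarded, so a failed or short write of the DNS answer leaves nothing in the request trace. Since `tr` is already a parameter, the error can be recorded with `if _, err := w.Write(packed); err != nil { tr.LazyPrintf("error writing response: %v", err) }`. resolveDoH starts outside this hunk.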