1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-24 09:08:49 -05:00

doh: disable DOH for the cases it doesn't work

Due to limitations in Curl_resolver_wait_resolv(), it doesn't work for
DOH resolves. This fix disables DOH for those.

Limitation added to KNOWN_BUGS.

Fixes #3850
Closes #3857
This commit is contained in:
Daniel Stenberg 2019-05-09 10:58:04 +02:00
parent edf2f6a6f6
commit 12d655d456
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
6 changed files with 26 additions and 11 deletions

View File

@ -19,6 +19,7 @@ problems may have been fixed or changed somewhat since this was written!
1.5 Expect-100 meets 417 1.5 Expect-100 meets 417
1.6 Unnecessary close when 401 received waiting for 100 1.6 Unnecessary close when 401 received waiting for 100
1.7 Deflate error after all content was received 1.7 Deflate error after all content was received
1.8 DoH isn't used for all name resolves when enabled
1.9 HTTP/2 frames while in the connection pool kill reuse 1.9 HTTP/2 frames while in the connection pool kill reuse
1.10 Strips trailing dot from host name 1.10 Strips trailing dot from host name
1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM 1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
@ -166,6 +167,16 @@ problems may have been fixed or changed somewhat since this was written!
See https://github.com/curl/curl/issues/2719 See https://github.com/curl/curl/issues/2719
1.8 DoH isn't used for all name resolves when enabled
Even if DoH is specified to be used, there are some name resolves that are
done without it. This should be fixed. When the internal function
`Curl_resolver_wait_resolv()` is called, it doesn't use DoH to complete the
resolve as it otherwise should.
See https://github.com/curl/curl/pull/3857 and
https://github.com/curl/curl/pull/3850
1.9 HTTP/2 frames while in the connection pool kill reuse 1.9 HTTP/2 frames while in the connection pool kill reuse
If the server sends HTTP/2 frames (like for example an HTTP/2 PING frame) to If the server sends HTTP/2 frames (like for example an HTTP/2 PING frame) to

View File

@ -357,7 +357,7 @@ static CURLcode bindlocal(struct connectdata *conn,
conn->ip_version = CURL_IPRESOLVE_V6; conn->ip_version = CURL_IPRESOLVE_V6;
#endif #endif
rc = Curl_resolv(conn, dev, 0, &h); rc = Curl_resolv(conn, dev, 0, FALSE, &h);
if(rc == CURLRESOLV_PENDING) if(rc == CURLRESOLV_PENDING)
(void)Curl_resolver_wait_resolv(conn, &h); (void)Curl_resolver_wait_resolv(conn, &h);
conn->ip_version = ipver; conn->ip_version = ipver;

View File

@ -1080,7 +1080,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
} }
/* resolv ip/host to ip */ /* resolv ip/host to ip */
rc = Curl_resolv(conn, host, 0, &h); rc = Curl_resolv(conn, host, 0, FALSE, &h);
if(rc == CURLRESOLV_PENDING) if(rc == CURLRESOLV_PENDING)
(void)Curl_resolver_wait_resolv(conn, &h); (void)Curl_resolver_wait_resolv(conn, &h);
if(h) { if(h) {
@ -1934,7 +1934,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
*/ */
const char * const host_name = conn->bits.socksproxy ? const char * const host_name = conn->bits.socksproxy ?
conn->socks_proxy.host.name : conn->http_proxy.host.name; conn->socks_proxy.host.name : conn->http_proxy.host.name;
rc = Curl_resolv(conn, host_name, (int)conn->port, &addr); rc = Curl_resolv(conn, host_name, (int)conn->port, FALSE, &addr);
if(rc == CURLRESOLV_PENDING) if(rc == CURLRESOLV_PENDING)
/* BLOCKING, ignores the return code but 'addr' will be NULL in /* BLOCKING, ignores the return code but 'addr' will be NULL in
case of failure */ case of failure */
@ -1950,7 +1950,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
} }
else { else {
/* normal, direct, ftp connection */ /* normal, direct, ftp connection */
rc = Curl_resolv(conn, ftpc->newhost, ftpc->newport, &addr); rc = Curl_resolv(conn, ftpc->newhost, ftpc->newport, FALSE, &addr);
if(rc == CURLRESOLV_PENDING) if(rc == CURLRESOLV_PENDING)
/* BLOCKING */ /* BLOCKING */
(void)Curl_resolver_wait_resolv(conn, &addr); (void)Curl_resolver_wait_resolv(conn, &addr);

View File

@ -482,6 +482,7 @@ Curl_cache_addr(struct Curl_easy *data,
int Curl_resolv(struct connectdata *conn, int Curl_resolv(struct connectdata *conn,
const char *hostname, const char *hostname,
int port, int port,
bool allowDOH,
struct Curl_dns_entry **entry) struct Curl_dns_entry **entry)
{ {
struct Curl_dns_entry *dns = NULL; struct Curl_dns_entry *dns = NULL;
@ -527,7 +528,7 @@ int Curl_resolv(struct connectdata *conn,
return CURLRESOLV_ERROR; return CURLRESOLV_ERROR;
} }
if(data->set.doh) { if(allowDOH && data->set.doh) {
addr = Curl_doh(conn, hostname, port, &respwait); addr = Curl_doh(conn, hostname, port, &respwait);
} }
else { else {
@ -653,7 +654,7 @@ int Curl_resolv_timeout(struct connectdata *conn,
if(!timeout) if(!timeout)
/* USE_ALARM_TIMEOUT defined, but no timeout actually requested */ /* USE_ALARM_TIMEOUT defined, but no timeout actually requested */
return Curl_resolv(conn, hostname, port, entry); return Curl_resolv(conn, hostname, port, TRUE, entry);
if(timeout < 1000) { if(timeout < 1000) {
/* The alarm() function only provides integer second resolution, so if /* The alarm() function only provides integer second resolution, so if
@ -715,7 +716,7 @@ int Curl_resolv_timeout(struct connectdata *conn,
/* Perform the actual name resolution. This might be interrupted by an /* Perform the actual name resolution. This might be interrupted by an
* alarm if it takes too long. * alarm if it takes too long.
*/ */
rc = Curl_resolv(conn, hostname, port, entry); rc = Curl_resolv(conn, hostname, port, TRUE, entry);
#ifdef USE_ALARM_TIMEOUT #ifdef USE_ALARM_TIMEOUT
clean_up: clean_up:

View File

@ -83,8 +83,11 @@ struct Curl_dns_entry {
#define CURLRESOLV_ERROR -1 #define CURLRESOLV_ERROR -1
#define CURLRESOLV_RESOLVED 0 #define CURLRESOLV_RESOLVED 0
#define CURLRESOLV_PENDING 1 #define CURLRESOLV_PENDING 1
int Curl_resolv(struct connectdata *conn, const char *hostname, int Curl_resolv(struct connectdata *conn,
int port, struct Curl_dns_entry **dnsentry); const char *hostname,
int port,
bool allowDOH,
struct Curl_dns_entry **dnsentry);
int Curl_resolv_timeout(struct connectdata *conn, const char *hostname, int Curl_resolv_timeout(struct connectdata *conn, const char *hostname,
int port, struct Curl_dns_entry **dnsentry, int port, struct Curl_dns_entry **dnsentry,
time_t timeoutms); time_t timeoutms);

View File

@ -155,7 +155,7 @@ CURLcode Curl_SOCKS4(const char *proxy_user,
Curl_addrinfo *hp = NULL; Curl_addrinfo *hp = NULL;
int rc; int rc;
rc = Curl_resolv(conn, hostname, remote_port, &dns); rc = Curl_resolv(conn, hostname, remote_port, FALSE, &dns);
if(rc == CURLRESOLV_ERROR) if(rc == CURLRESOLV_ERROR)
return CURLE_COULDNT_RESOLVE_PROXY; return CURLE_COULDNT_RESOLVE_PROXY;
@ -609,7 +609,7 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
else { else {
struct Curl_dns_entry *dns; struct Curl_dns_entry *dns;
Curl_addrinfo *hp = NULL; Curl_addrinfo *hp = NULL;
int rc = Curl_resolv(conn, hostname, remote_port, &dns); int rc = Curl_resolv(conn, hostname, remote_port, FALSE, &dns);
if(rc == CURLRESOLV_ERROR) if(rc == CURLRESOLV_ERROR)
return CURLE_COULDNT_RESOLVE_HOST; return CURLE_COULDNT_RESOLVE_HOST;