1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-13 21:15:08 -05:00

cleanup: spell DoH with a lowercase o

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Closes #7413
This commit is contained in:
Josh Soref 2021-07-16 03:17:03 -04:00 committed by Daniel Stenberg
parent b463c10950
commit de1004eb0f
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
18 changed files with 80 additions and 80 deletions

View File

@ -1,7 +1,7 @@
Long: doh-cert-status
Help: Verify the status of the DOH server cert via OCSP-staple
Help: Verify the status of the DoH server cert via OCSP-staple
Protocols: all
Added: 7.76.0
Category: dns tls
---
Same as --cert-status but used for DOH (DNS-over-HTTPS).
Same as --cert-status but used for DoH (DNS-over-HTTPS).

View File

@ -1,7 +1,7 @@
Long: doh-insecure
Help: Allow insecure DOH server connections
Help: Allow insecure DoH server connections
Protocols: all
Added: 7.76.0
Category: dns tls
---
Same as --insecure but used for DOH (DNS-over-HTTPS).
Same as --insecure but used for DoH (DNS-over-HTTPS).

View File

@ -1,14 +1,14 @@
Long: doh-url
Arg: <URL>
Help: Resolve host names over DOH
Help: Resolve host names over DoH
Protocols: all
Added: 7.62.0
Category: dns
---
Specifies which DNS-over-HTTPS (DOH) server to use to resolve hostnames,
Specifies which DNS-over-HTTPS (DoH) server to use to resolve hostnames,
instead of using the default name resolver mechanism. The URL must be HTTPS.
Some SSL options that you set for your transfer will apply to DOH since the
Some SSL options that you set for your transfer will apply to DoH since the
name lookups take place over SSL. However, the certificate verification
settings are not inherited and can be controlled separately via
--doh-insecure and --doh-cert-status.

View File

@ -201,7 +201,7 @@ Timeout for DNS cache. See \fICURLOPT_DNS_CACHE_TIMEOUT(3)\fP
.IP CURLOPT_DNS_USE_GLOBAL_CACHE
OBSOLETE Enable global DNS cache. See \fICURLOPT_DNS_USE_GLOBAL_CACHE(3)\fP
.IP CURLOPT_DOH_URL
Use this DOH server for name resolves. See \fICURLOPT_DOH_URL(3)\fP
Use this DoH server for name resolves. See \fICURLOPT_DOH_URL(3)\fP
.IP CURLOPT_BUFFERSIZE
Ask for alternate buffer size. See \fICURLOPT_BUFFERSIZE(3)\fP
.IP CURLOPT_PORT
@ -566,21 +566,21 @@ Proxy SSL version to use. See \fICURLOPT_PROXY_SSLVERSION(3)\fP
.IP CURLOPT_SSL_VERIFYHOST
Verify the host name in the SSL certificate. See \fICURLOPT_SSL_VERIFYHOST(3)\fP
.IP CURLOPT_DOH_SSL_VERIFYHOST
Verify the host name in the DOH (DNS-over-HTTPS) SSL certificate. See
Verify the host name in the DoH (DNS-over-HTTPS) SSL certificate. See
\fICURLOPT_DOH_SSL_VERIFYHOST(3)\fP
.IP CURLOPT_PROXY_SSL_VERIFYHOST
Verify the host name in the proxy SSL certificate. See \fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP
.IP CURLOPT_SSL_VERIFYPEER
Verify the SSL certificate. See \fICURLOPT_SSL_VERIFYPEER(3)\fP
.IP CURLOPT_DOH_SSL_VERIFYPEER
Verify the DOH (DNS-over-HTTPS) SSL certificate. See
Verify the DoH (DNS-over-HTTPS) SSL certificate. See
\fICURLOPT_DOH_SSL_VERIFYPEER(3)\fP
.IP CURLOPT_PROXY_SSL_VERIFYPEER
Verify the proxy SSL certificate. See \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP
.IP CURLOPT_SSL_VERIFYSTATUS
Verify the SSL certificate's status. See \fICURLOPT_SSL_VERIFYSTATUS(3)\fP
.IP CURLOPT_DOH_SSL_VERIFYSTATUS
Verify the DOH (DNS-over-HTTPS) SSL certificate's status. See
Verify the DoH (DNS-over-HTTPS) SSL certificate's status. See
\fICURLOPT_DOH_SSL_VERIFYSTATUS(3)\fP
.IP CURLOPT_CAINFO
CA cert bundle. See \fICURLOPT_CAINFO(3)\fP

View File

@ -22,25 +22,25 @@
.\"
.TH CURLOPT_DOH_SSL_VERIFYHOST 3 "11 Feb 2021" "libcurl 7.76.0" "curl_easy_setopt options"
.SH NAME
CURLOPT_DOH_SSL_VERIFYHOST \- verify the host name in the DOH SSL certificate
CURLOPT_DOH_SSL_VERIFYHOST \- verify the host name in the DoH SSL certificate
.SH SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DOH_SSL_VERIFYHOST, long verify);
.SH DESCRIPTION
Pass a long set to 2L as asking curl to \fIverify\fP the DOH (DNS-over-HTTPS)
Pass a long set to 2L as asking curl to \fIverify\fP the DoH (DNS-over-HTTPS)
server's certificate name fields against the host name.
This option is the DOH equivalent of \fICURLOPT_SSL_VERIFYHOST(3)\fP and
only affects requests to the DOH server.
This option is the DoH equivalent of \fICURLOPT_SSL_VERIFYHOST(3)\fP and
only affects requests to the DoH server.
When \fICURLOPT_DOH_SSL_VERIFYHOST(3)\fP is 2, the SSL certificate provided by
the DOH server must indicate that the server name is the same as the server
the DoH server must indicate that the server name is the same as the server
name to which you meant to connect to, or the connection fails.
Curl considers the DOH server the intended one when the Common Name field or a
Curl considers the DoH server the intended one when the Common Name field or a
Subject Alternate Name field in the certificate matches the host name in the
DOH URL to which you told Curl to connect.
DoH URL to which you told Curl to connect.
When the \fIverify\fP value is set to 1L it is treated the same as 2L. However
for consistency with the other VERIFYHOST options we suggest use 2 and not 1.
@ -49,14 +49,14 @@ When the \fIverify\fP value is set to 0L, the connection succeeds regardless of
the names used in the certificate. Use that ability with caution!
See also \fICURLOPT_DOH_SSL_VERIFYPEER(3)\fP to verify the digital signature
of the DOH server certificate. If libcurl is built against NSS and
of the DoH server certificate. If libcurl is built against NSS and
\fICURLOPT_DOH_SSL_VERIFYPEER(3)\fP is zero,
\fICURLOPT_DOH_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be
overridden.
.SH DEFAULT
2
.SH PROTOCOLS
DOH
DoH
.SH EXAMPLE
.nf
CURL *curl = curl_easy_init();
@ -65,7 +65,7 @@ if(curl) {
curl_easy_setopt(curl, CURLOPT_DOH_URL, "https://cloudflare-dns.com/dns-query");
/* Disable host name verification of the DOH server */
/* Disable host name verification of the DoH server */
curl_easy_setopt(curl, CURLOPT_DOH_SSL_VERIFYHOST, 0L);
curl_easy_perform(curl);

View File

@ -22,7 +22,7 @@
.\"
.TH CURLOPT_DOH_SSL_VERIFYPEER 3 "11 Feb 2021" "libcurl 7.76.0" "curl_easy_setopt options"
.SH NAME
CURLOPT_DOH_SSL_VERIFYPEER \- verify the DOH SSL certificate
CURLOPT_DOH_SSL_VERIFYPEER \- verify the DoH SSL certificate
.SH SYNOPSIS
#include <curl/curl.h>
@ -30,12 +30,12 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DOH_SSL_VERIFYPEER, long verify)
.SH DESCRIPTION
Pass a long as parameter set to 1L to enable or 0L to disable.
This option tells curl to verify the authenticity of the DOH (DNS-over-HTTPS)
This option tells curl to verify the authenticity of the DoH (DNS-over-HTTPS)
server's certificate. A value of 1 means curl verifies; 0 (zero) means it
doesn't.
This option is the DOH equivalent of \fICURLOPT_SSL_VERIFYPEER(3)\fP and
only affects requests to the DOH server.
This option is the DoH equivalent of \fICURLOPT_SSL_VERIFYPEER(3)\fP and
only affects requests to the DoH server.
When negotiating a TLS or SSL connection, the server sends a certificate
indicating its identity. Curl verifies whether the certificate is authentic,
@ -65,7 +65,7 @@ the correct end-point.
.SH DEFAULT
1
.SH PROTOCOLS
DOH
DoH
.SH EXAMPLE
.nf
CURL *curl = curl_easy_init();
@ -74,7 +74,7 @@ if(curl) {
curl_easy_setopt(curl, CURLOPT_DOH_URL, "https://cloudflare-dns.com/dns-query");
/* Disable certificate verification of the DOH server */
/* Disable certificate verification of the DoH server */
curl_easy_setopt(curl, CURLOPT_DOH_SSL_VERIFYPEER, 0L);
curl_easy_perform(curl);

View File

@ -22,7 +22,7 @@
.\"
.TH CURLOPT_DOH_SSL_VERIFYSTATUS 3 "11 Feb 2021" "libcurl 7.76.0" "curl_easy_setopt options"
.SH NAME
CURLOPT_DOH_SSL_VERIFYSTATUS \- verify the DOH SSL certificate's status
CURLOPT_DOH_SSL_VERIFYSTATUS \- verify the DoH SSL certificate's status
.SH SYNOPSIS
#include <curl/curl.h>
@ -30,19 +30,19 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DOH_SSL_VERIFYSTATUS, long verif
.SH DESCRIPTION
Pass a long as parameter set to 1 to enable or 0 to disable.
This option determines whether libcurl verifies the status of the DOH
This option determines whether libcurl verifies the status of the DoH
(DNS-over-HTTPS) server cert using the "Certificate Status Request" TLS
extension (aka. OCSP stapling).
This option is the DOH equivalent of \fICURLOPT_SSL_VERIFYSTATUS(3)\fP and
only affects requests to the DOH server.
This option is the DoH equivalent of \fICURLOPT_SSL_VERIFYSTATUS(3)\fP and
only affects requests to the DoH server.
Note that if this option is enabled but the server does not support the TLS
extension, the verification will fail.
.SH DEFAULT
0
.SH PROTOCOLS
DOH
DoH
.SH EXAMPLE
.nf
CURL *curl = curl_easy_init();
@ -51,7 +51,7 @@ if(curl) {
curl_easy_setopt(curl, CURLOPT_DOH_URL, "https://cloudflare-dns.com/dns-query");
/* Ask for OCSP stapling when verifying the DOH server */
/* Ask for OCSP stapling when verifying the DoH server */
curl_easy_setopt(curl, CURLOPT_DOH_SSL_VERIFYSTATUS, 1L);
curl_easy_perform(curl);

View File

@ -28,7 +28,7 @@ CURLOPT_DOH_URL \- provide the DNS-over-HTTPS URL
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DOH_URL, char *URL);
.SH DESCRIPTION
Pass in a pointer to a \fIURL\fP for the DOH server to use for name
Pass in a pointer to a \fIURL\fP for the DoH server to use for name
resolving. The parameter should be a char * to a null-terminated string which
must be URL-encoded in the following format: "https://host:port/path". It MUST
specify a HTTPS URL.
@ -39,19 +39,19 @@ still return \fICURLE_OK\fP.
curl sends POST requests to the given DNS-over-HTTPS URL.
To find the DOH server itself, which might be specified using a name, libcurl
To find the DoH server itself, which might be specified using a name, libcurl
will use the default name lookup function. You can bootstrap that by providing
the address for the DOH server with \fICURLOPT_RESOLVE(3)\fP.
the address for the DoH server with \fICURLOPT_RESOLVE(3)\fP.
Disable DOH use again by setting this option to NULL.
Disable DoH use again by setting this option to NULL.
\fBAdvanced:\fP The DOH lookups use SSL so some SSL settings from your transfer
\fBAdvanced:\fP The DoH lookups use SSL so some SSL settings from your transfer
are inherited. The hostname and peer certificate verification settings are not
inherited and can be controlled separately via
\fICURLOPT_DOH_SSL_VERIFYHOST(3)\fP and \fICURLOPT_DOH_SSL_VERIFYPEER(3)\fP.
Note \fICURLOPT_SSL_CTX_FUNCTION(3)\fP is inherited.
.SH DEFAULT
NULL - there is no default DOH URL. If this option isn't set, libcurl will use
NULL - there is no default DoH URL. If this option isn't set, libcurl will use
the default name resolver.
.SH PROTOCOLS
All
@ -71,7 +71,7 @@ Returns CURLE_OK on success or CURLE_OUT_OF_MEMORY if there was insufficient
heap space.
Note that \fIcurl_easy_setopt(3)\fP won't actually parse the given string so
given a bad DOH URL, curl will not detect a problem until it tries to resolve
given a bad DoH URL, curl will not detect a problem until it tries to resolve
a name with it.
.SH "SEE ALSO"
.BR CURLOPT_VERBOSE "(3), " CURLOPT_RESOLVE "(3), "

View File

@ -63,12 +63,12 @@ knowing anything about it, which then subsequently can lead to libcurl
unknowingly reusing SSL connections with different properties. To remedy this
you may set \fICURLOPT_FORBID_REUSE(3)\fP from the callback function.
WARNING: If you are using DNS-over-HTTPS (DOH) via \fICURLOPT_DOH_URL(3)\fP
WARNING: If you are using DNS-over-HTTPS (DoH) via \fICURLOPT_DOH_URL(3)\fP
then the CTX callback will also be called for those transfers and the curl
handle is set to an internal handle. \fBThis behavior is subject to change.\fP
We recommend before performing your transfer set \fICURLOPT_PRIVATE(3)\fP on
your curl handle so you can identify it in the CTX callback. If you have a
reason to modify DOH SSL context please let us know on the curl-library mailing
reason to modify DoH SSL context please let us know on the curl-library mailing
list because we are considering removing this capability.
.SH DEFAULT
NULL

View File

@ -2088,13 +2088,13 @@ typedef enum {
/* Parameters for V4 signature */
CURLOPT(CURLOPT_AWS_SIGV4, CURLOPTTYPE_STRINGPOINT, 305),
/* Same as CURLOPT_SSL_VERIFYPEER but for DOH (DNS-over-HTTPS) servers. */
/* Same as CURLOPT_SSL_VERIFYPEER but for DoH (DNS-over-HTTPS) servers. */
CURLOPT(CURLOPT_DOH_SSL_VERIFYPEER, CURLOPTTYPE_LONG, 306),
/* Same as CURLOPT_SSL_VERIFYHOST but for DOH (DNS-over-HTTPS) servers. */
/* Same as CURLOPT_SSL_VERIFYHOST but for DoH (DNS-over-HTTPS) servers. */
CURLOPT(CURLOPT_DOH_SSL_VERIFYHOST, CURLOPTTYPE_LONG, 307),
/* Same as CURLOPT_SSL_VERIFYSTATUS but for DOH (DNS-over-HTTPS) servers. */
/* Same as CURLOPT_SSL_VERIFYSTATUS but for DoH (DNS-over-HTTPS) servers. */
CURLOPT(CURLOPT_DOH_SSL_VERIFYSTATUS, CURLOPTTYPE_LONG, 308),
/* The CA certificates as "blob" used to validate the peer certificate

View File

@ -186,19 +186,19 @@ doh_write_cb(const void *contents, size_t size, size_t nmemb, void *userp)
return realsize;
}
/* called from multi.c when this DOH transfer is complete */
/* called from multi.c when this DoH transfer is complete */
static int doh_done(struct Curl_easy *doh, CURLcode result)
{
struct Curl_easy *data = doh->set.dohfor;
struct dohdata *dohp = data->req.doh;
/* so one of the DOH request done for the 'data' transfer is now complete! */
/* so one of the DoH request done for the 'data' transfer is now complete! */
dohp->pending--;
infof(data, "a DOH request is completed, %u to go", dohp->pending);
infof(data, "a DoH request is completed, %u to go", dohp->pending);
if(result)
infof(data, "DOH request %s", curl_easy_strerror(result));
infof(data, "DoH request %s", curl_easy_strerror(result));
if(!dohp->pending) {
/* DOH completed */
/* DoH completed */
curl_slist_free_all(dohp->headers);
dohp->headers = NULL;
Curl_expire(data, 0, EXPIRE_RUN_NOW);
@ -228,7 +228,7 @@ static CURLcode dohprobe(struct Curl_easy *data,
DOHcode d = doh_encode(host, dnstype, p->dohbuffer, sizeof(p->dohbuffer),
&p->dohlen);
if(d) {
failf(data, "Failed to encode DOH packet [%d]", d);
failf(data, "Failed to encode DoH packet [%d]", d);
return CURLE_OUT_OF_MEMORY;
}
@ -302,7 +302,7 @@ static CURLcode dohprobe(struct Curl_easy *data,
/* Inherit *some* SSL options from the user's transfer. This is a
best-guess as to which options are needed for compatibility. #3661
Note DOH does not inherit the user's proxy server so proxy SSL settings
Note DoH does not inherit the user's proxy server so proxy SSL settings
have no effect and are not inherited. If that changes then two new
options should be added to check doh proxy insecure separately,
CURLOPT_DOH_PROXY_SSL_VERIFYHOST and CURLOPT_DOH_PROXY_SSL_VERIFYPEER.
@ -366,8 +366,8 @@ static CURLcode dohprobe(struct Curl_easy *data,
doh->set.dohfor = data; /* identify for which transfer this is done */
p->easy = doh;
/* DOH private_data must be null because the user must have a way to
distinguish their transfer's handle from DOH handles in user
/* DoH private_data must be null because the user must have a way to
distinguish their transfer's handle from DoH handles in user
callbacks (ie SSL CTX callback). */
DEBUGASSERT(!doh->set.private_data);
@ -386,7 +386,7 @@ static CURLcode dohprobe(struct Curl_easy *data,
}
/*
* Curl_doh() resolves a name using DOH. It resolves a name and returns a
* Curl_doh() resolves a name using DoH. It resolves a name and returns a
* 'Curl_addrinfo *' with the address information.
*/
@ -420,7 +420,7 @@ struct Curl_addrinfo *Curl_doh(struct Curl_easy *data,
if(!dohp->headers)
goto error;
/* create IPv4 DOH request */
/* create IPv4 DoH request */
result = dohprobe(data, &dohp->probe[DOH_PROBE_SLOT_IPADDR_V4],
DNS_TYPE_A, hostname, data->set.str[STRING_DOH],
data->multi, dohp->headers);
@ -429,7 +429,7 @@ struct Curl_addrinfo *Curl_doh(struct Curl_easy *data,
dohp->pending++;
if(Curl_ipv6works(data)) {
/* create IPv6 DOH request */
/* create IPv6 DoH request */
result = dohprobe(data, &dohp->probe[DOH_PROBE_SLOT_IPADDR_V6],
DNS_TYPE_AAAA, hostname, data->set.str[STRING_DOH],
data->multi, dohp->headers);
@ -768,7 +768,7 @@ static void showdoh(struct Curl_easy *data,
for(i = 0; i < d->numaddr; i++) {
const struct dohaddr *a = &d->addr[i];
if(a->type == DNS_TYPE_A) {
infof(data, "DOH A: %u.%u.%u.%u",
infof(data, "DoH A: %u.%u.%u.%u",
a->ip.v4[0], a->ip.v4[1],
a->ip.v4[2], a->ip.v4[3]);
}
@ -777,7 +777,7 @@ static void showdoh(struct Curl_easy *data,
char buffer[128];
char *ptr;
size_t len;
msnprintf(buffer, 128, "DOH AAAA: ");
msnprintf(buffer, 128, "DoH AAAA: ");
ptr = &buffer[10];
len = 118;
for(j = 0; j < 16; j += 2) {
@ -803,7 +803,7 @@ static void showdoh(struct Curl_easy *data,
* doh2ai()
*
* This function returns a pointer to the first element of a newly allocated
* Curl_addrinfo struct linked list filled with the data from a set of DOH
* Curl_addrinfo struct linked list filled with the data from a set of DoH
* lookups. Curl_addrinfo is meant to work like the addrinfo struct does for
* a IPv6 stack, but usable also for IPv4, all hosts and environments.
*
@ -931,7 +931,7 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
if(!dohp->probe[DOH_PROBE_SLOT_IPADDR_V4].easy &&
!dohp->probe[DOH_PROBE_SLOT_IPADDR_V6].easy) {
failf(data, "Could not DOH-resolve: %s", data->state.async.hostname);
failf(data, "Could not DoH-resolve: %s", data->state.async.hostname);
return data->conn->bits.proxy?CURLE_COULDNT_RESOLVE_PROXY:
CURLE_COULDNT_RESOLVE_HOST;
}
@ -941,7 +941,7 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
};
struct dohentry de;
int slot;
/* remove DOH handles from multi handle and close them */
/* remove DoH handles from multi handle and close them */
for(slot = 0; slot < DOH_PROBE_SLOTS; slot++) {
curl_multi_remove_handle(data->multi, dohp->probe[slot].easy);
Curl_close(&dohp->probe[slot].easy);
@ -958,7 +958,7 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
&de);
Curl_dyn_free(&p->serverdoh);
if(rc[slot]) {
infof(data, "DOH: %s type %s for %s", doh_strerror(rc[slot]),
infof(data, "DoH: %s type %s for %s", doh_strerror(rc[slot]),
type2name(p->dnstype), dohp->host);
}
} /* next slot */
@ -969,7 +969,7 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
struct Curl_dns_entry *dns;
struct Curl_addrinfo *ai;
infof(data, "DOH Host name: %s", dohp->host);
infof(data, "DoH Host name: %s", dohp->host);
showdoh(data, &de);
ai = doh2ai(&de, dohp->host, dohp->port);
@ -1007,7 +1007,7 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
} /* !dohp->pending */
/* else wait for pending DOH transactions to complete */
/* else wait for pending DoH transactions to complete */
return CURLE_OK;
}

View File

@ -101,7 +101,7 @@ void de_init(struct dohentry *d);
void de_cleanup(struct dohentry *d);
#endif
#else /* if DOH is disabled */
#else /* if DoH is disabled */
#define Curl_doh(a,b,c,d) NULL
#define Curl_doh_is_resolved(x,y) CURLE_COULDNT_RESOLVE_HOST
#endif

View File

@ -1190,7 +1190,7 @@ int Curl_resolv_getsock(struct Curl_easy *data,
{
#ifdef CURLRES_ASYNCH
if(data->conn->bits.doh)
/* nothing to wait for during DOH resolve, those handles have their own
/* nothing to wait for during DoH resolve, those handles have their own
sockets */
return GETSOCK_BLANK;
return Curl_resolver_getsock(data, socks);

View File

@ -1872,7 +1872,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
break;
case CURLOPT_DOH_SSL_VERIFYPEER:
/*
* Enable peer SSL verifying for DOH.
* Enable peer SSL verifying for DoH.
*/
data->set.doh_verifypeer = (0 != va_arg(param, long)) ?
TRUE : FALSE;
@ -1911,7 +1911,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
break;
case CURLOPT_DOH_SSL_VERIFYHOST:
/*
* Enable verification of the host name in the peer certificate for DOH
* Enable verification of the host name in the peer certificate for DoH
*/
arg = va_arg(param, long);
@ -1955,7 +1955,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
break;
case CURLOPT_DOH_SSL_VERIFYSTATUS:
/*
* Enable certificate status verifying for DOH.
* Enable certificate status verifying for DoH.
*/
if(!Curl_ssl_cert_status_request()) {
result = CURLE_NOT_BUILT_IN;

View File

@ -1848,9 +1848,9 @@ struct UserDefined {
BIT(disallow_username_in_url); /* disallow username in url */
BIT(doh); /* DNS-over-HTTPS enabled */
BIT(doh_get); /* use GET for DoH requests, instead of POST */
BIT(doh_verifypeer); /* DOH certificate peer verification */
BIT(doh_verifyhost); /* DOH certificate hostname verification */
BIT(doh_verifystatus); /* DOH certificate status verification */
BIT(doh_verifypeer); /* DoH certificate peer verification */
BIT(doh_verifyhost); /* DoH certificate hostname verification */
BIT(doh_verifystatus); /* DoH certificate status verification */
BIT(http09_allowed); /* allow HTTP/0.9 responses */
BIT(mail_rcpt_allowfails); /* allow RCPT TO command to fail for some
recipients */

View File

@ -174,7 +174,7 @@ struct OperationConfig {
bool use_httpget;
bool insecure_ok; /* set TRUE to allow insecure SSL connects */
bool doh_insecure_ok; /* set TRUE to allow insecure SSL connects
for DOH */
for DoH */
bool proxy_insecure_ok; /* set TRUE to allow insecure SSL connects
for proxy */
bool terminal_binary_ok;

View File

@ -245,13 +245,13 @@ static const struct helptxt helptext[] = {
"DNS server addrs to use",
CURLHELP_DNS},
{" --doh-cert-status",
"Verify the status of the DOH server cert via OCSP-staple",
"Verify the status of the DoH server cert via OCSP-staple",
CURLHELP_DNS | CURLHELP_TLS},
{" --doh-insecure",
"Allow insecure DOH server connections",
"Allow insecure DoH server connections",
CURLHELP_DNS | CURLHELP_TLS},
{" --doh-url <URL>",
"Resolve host names over DOH",
"Resolve host names over DoH",
CURLHELP_DNS},
{"-D, --dump-header <filename>",
"Write the received headers to <filename>",

View File

@ -11,7 +11,7 @@ DOH
# Server-side
<reply>
# This is the DOH response for foo.example.com A 127.0.0.1. This requires that
# This is the DoH response for foo.example.com A 127.0.0.1. This requires that
# the test server is accessible at that address!
<data1 base64="yes">
@ -43,7 +43,7 @@ Funny-head: yesyes
http
</server>
# requires debug so that it can use the DOH server without https
# requires debug so that it can use the DoH server without https
# requires IPv6 so that we can assume and compare both DoH requests
<features>
@ -52,7 +52,7 @@ DoH
ipv6
</features>
<name>
HTTP GET using DOH
HTTP GET using DoH
</name>
<command>
http://foo.example.com:%HTTPPORT/%TESTNUMBER --doh-url http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001