Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DoH cannot be used with SOCKS5 proxy #10537

Closed
roughtex opened this issue Feb 16, 2023 · 1 comment
Closed

DoH cannot be used with SOCKS5 proxy #10537

roughtex opened this issue Feb 16, 2023 · 1 comment
Assignees
Labels

Comments

@roughtex
Copy link

curl manpage states that --socks5 option resolves host names locally. I thought that "locally" meant "not by the proxy server itself". When it comes to --doh-url option, it's assumed that the name resolving is done by the DoH server that may be local as well.

The result of combining these options together is weird: curl attempts to use the default system resolver and doesn't connect to the DoH server. If the default system resolver is not working or returns spurious IP addresses, then there is no way to reach the host.

I did this

curl.exe --doh-url https://cloudflare-dns.com/dns-query --socks5 127.0.0.1:1080 https://example.com/

I expected the following

curl utilizes Cloudflare's DNS server to resolve example.com and connects to the host using the local SOCKS5 proxy.

curl/libcurl version

curl 7.88.0

operating system

Windows

bagder added a commit that referenced this issue Feb 16, 2023
For SOCKS modes where a local host resolve is done.

It was previously disabled in 12d655d, but a few local tests seem to
indicate that it works fine.

Reported-by: roughtex on github
Fixes #10537
bagder added a commit that referenced this issue Feb 16, 2023
For SOCKS modes where a local host resolve is done.

It was previously disabled in 12d655d, but a few local tests seem to
indicate that it works fine.

Reported-by: roughtex on github
Fixes #10537
@bagder bagder self-assigned this Feb 16, 2023
@bagder bagder closed this as completed in 6d860f1 Feb 17, 2023
bch pushed a commit to bch/curl that referenced this issue Jul 19, 2023
For SOCKS modes where a local host resolve is done.

It was previously disabled in 12d655d, but a few local tests seem to
indicate that it works fine. Works now because of the SOCKS refactor of
4a4b63d that made it non-blocking.

Reported-by: roughtex on github
Fixes curl#10537
Closes curl#10540
@vukitoso
Copy link

vukitoso commented Feb 17, 2024

local resolved:

curl -v -x socks5://user:pass@socksIP:1080 http://v4.ident.me

remotely resolved (socks):

curl -v -x socks5h://user:pass@socksIP:1080 http://v4.ident.me

doh resolve:

curl -v --doh-url https://cloudflare-dns.com/dns-query -x socks5://user:pass@socksIP:1080 http://v4.ident.me

remotely resolved (socks5) without doh:

curl -v --doh-url https://cloudflare-dns.com/dns-query -x socks5h://user:pass@socksIP:1080 http://v4.ident.me
curl --version
curl 8.5.0 (amd64-portbld-freebsd13.2) libcurl/8.5.0 OpenSSL/1.1.1t zlib/1.2.13 libpsl/0.21.5 (+libidn2/2.3.4) libssh2/1.11.0 nghttp2/1.59.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

Successfully merging a pull request may close this issue.

4 participants