Re: Confused about --doh/--resolve
Date: Tue, 11 Aug 2020 13:36:18 +0200 (CEST)
On Tue, 11 Aug 2020, Gisle Vanem via curl-users wrote:
I think you primarily see this KNOWN_BUG:
https://curl.haxx.se/docs/knownbugs.html#DoH_doesn_t_inherit_all_transfer
> I'm confused about what a command like this does:
> curl --ipv4 --resolve cloudflare-dns.com:443:104.16.248.249 \
> --doh-url https://cloudflare-dns.com/dns-query \
> https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html
>
> First, I note curl connects to 'cloudflare-dns.com' using IPv6
> even though I specified '--ipv4' and added 'cloudflare-dns.com's
> IPv4 address to this "fake" DNS-cache.
--ipv4 is meant and used for the primary transfer, the connection to
ssllabs.com in your command line.
As the known DoH bug says, lots of transfer options are not copied into the
transfer used for the DoH request. I think perhaps primarily now because its
not clear exactly what options to inherit or if we should rather add new
options for that, which in itself would be really annoying.
But maybe there's also a bug in there:
> Adding a '-v', I see this confusing trace:
> * family0 == v6, family1 == v4
> * Trying 2606:4700::6810:f8f9:443...
This seems to indicate that curl resolved "cloudflare-dns.com" anyway, which
it seems it shouldn't have done.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ ----------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2020-08-11