Bugzilla – Bug 1225969
kdig in knot does not support DoH(+https) query
Last modified: 2024-07-02 20:55:02 UTC
An upstream kdig supports DoH(DNS over HTTPS) query and its option is "+https". But, SuSE's does not. Please enable it. --- upstream$ kdig +https @8.8.8.8 www.google.com ;; TLS session (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM) ;; HTTP session (HTTP/2-POST)-(8.8.8.8/dns-query)-(status: 200) ;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 0 ;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1 ;; EDNS PSEUDOSECTION: ;; Version: 0; flags: ; UDP size: 512 B; ext-rcode: NOERROR ;; PADDING: 405 B ;; QUESTION SECTION: ;; www.google.com. IN A ;; ANSWER SECTION: www.google.com. 300 IN A 142.250.207.4 ;; Received 468 B ;; Time 2024-06-05 11:17:21 JST ;; From 8.8.8.8@443(HTTPS) in 56.9 ms upstream$ kdig --help | grep https +[no]https[=URL] Use HTTPS protocol. It's also possible to specify +[no]https-get Use HTTPS protocol with GET method instead of POST. upstream$ $ ldd /usr/bin/kdig|grep http libnghttp2.so.14 => /usr/lib64/libnghttp2.so.14 (0x00007f1912178000) --- suse$ kdig +https @8.8.8.8 www.google.com Usage: kdig [-4] [-6] [-d] [-b address] [-c class] [-p port] [-q name] [-t type] [-x address] [-k keyfile] [-y [algo:]keyname:key] [-E tapfile] [-G tapfile] name [type] [class] [@server] +[no]multiline Wrap long records to more lines. +[no]short Show record data only. (snip) suse$ kdig --help | grep https (not match) suse$ ldd /usr/bin/kdig|grep http (not match)
This is an autogenerated message for OBS integration: This bug (1225969) was mentioned in https://build.opensuse.org/request/show/1184939 Factory / knot