Bug ID 1225969
Summary kdig in knot does not support DoH(+https) query
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware x86-64
OS openSUSE Tumbleweed
Status NEW
Severity Normal
Priority P5 - None
Component Network
Assignee screening-team-bugs@suse.de
Reporter smbd.jp@gmail.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By ---
Blocker --- 

An upstream kdig supports DoH(DNS over HTTPS) query and its option is "+https".
But, SuSE's does not.

Please enable it.

---
upstream$ kdig +https @8.8.8.8 www.google.com
;; TLS session (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
;; HTTP session (HTTP/2-POST)-(8.8.8.8/dns-query)-(status: 200)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 0
;; Flags: qr rd ra; QUERY: 1; ANSWER: 1; AUTHORITY: 0; ADDITIONAL: 1

;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 512 B; ext-rcode: NOERROR
;; PADDING: 405 B

;; QUESTION SECTION:
;; www.google.com.              IN      A

;; ANSWER SECTION:
www.google.com.         300     IN      A       142.250.207.4

;; Received 468 B
;; Time 2024-06-05 11:17:21 JST
;; From 8.8.8.8@443(HTTPS) in 56.9 ms

upstream$ kdig --help | grep https
       +[no]https[=URL]           Use HTTPS protocol. It's also possible to
specify
       +[no]https-get             Use HTTPS protocol with GET method instead of
POST.

upstream$ $ ldd /usr/bin/kdig|grep http
        libnghttp2.so.14 => /usr/lib64/libnghttp2.so.14 (0x00007f1912178000)

---
suse$ kdig +https @8.8.8.8 www.google.com
Usage: kdig [-4] [-6] [-d] [-b address] [-c class] [-p port]
            [-q name] [-t type] [-x address] [-k keyfile]
            [-y [algo:]keyname:key] [-E tapfile] [-G tapfile]
            name [type] [class] [@server]

       +[no]multiline             Wrap long records to more lines.
       +[no]short                 Show record data only.
(snip)

suse$ kdig --help | grep https
(not match)

suse$ ldd /usr/bin/kdig|grep http
(not match)

You are receiving this mail because: