net/dns, types/dnstypes: update some comments, tests for DoH

Clarify & verify that some DoH URLs can be sent over tailcfg
in some limited cases.

Updates #2452

Change-Id: Ibb25db77788629c315dc26285a1059a763989e24
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Brad Fitzpatrick 2022-09-08 15:54:29 -07:00 committed by Brad Fitzpatrick
parent 58abae1f83
commit 2aade349fc
3 changed files with 23 additions and 1 deletions


@ -586,6 +586,18 @@ func TestManager(t *testing.T) {
Routes: upstreams(".", "2a07:a8c0::c3:a884"),
},
},
{
name: "nextdns-doh",
in: Config{
DefaultResolvers: mustRes("https://dns.nextdns.io/c3a884"),
},
os: OSConfig{
Nameservers: mustIPs("100.100.100.100"),
},
rs: resolver.Config{
Routes: upstreams(".", "https://dns.nextdns.io/c3a884"),
},
},
}
trIP := cmp.Transformer("ipStr", func(ip netip.Addr) string { return ip.String() })
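Review bot: The new `nextdns-doh` case (and `nextdns-doh-input` in TestResolversWithDelays) covers only a DoH URL for a resolver whose dial addresses are known ahead of time, so no test pins the boundary of the "limited cases" named in the commit message. A companion case whose `DefaultResolvers` is an `https://` URL for a host that is not a well-known resolver would record what the manager does with such input. The expected `OSConfig` and `resolver.Config` for that case are not derivable from this hunk, so the want values need to come from the author. A short comment on the case, such as `// DoH URL for a well-known resolver; no bootstrap DNS lookup needed`, would also say why this input is accepted. TestManager starts and continues outside the hunk.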


@ -84,6 +84,11 @@ func TestResolversWithDelays(t *testing.T) {
in: q("2a07:a8c0::c3:a884"),
want: o("https://dns.nextdns.io/c3a884"),
},
{
name: "nextdns-doh-input",
in: q("https://dns.nextdns.io/c3a884"),
want: o("https://dns.nextdns.io/c3a884"),
},
}
for _, tt := range tests {


@ -17,8 +17,11 @@ type Resolver struct {
// - A plain IP address for a "classic" UDP+TCP DNS resolver.
// This is the common format as sent by the control plane.
// - An IP:port, for tests.
// - "https://resolver.com/path" for DNS over HTTPS; currently
// as of 2022-09-08 only used for certain well-known resolvers
// (see the publicdns package) for which the IP addresses to dial DoH are
// known ahead of time, so bootstrap DNS resolution is not required.
// - [TODO] "tls://resolver.com" for DNS over TCP+TLS
// - [TODO] "https://resolver.com/query-tmpl" for DNS over HTTPS
Addr string `json:",omitempty"`
// BootstrapResolution is an optional suggested resolution for the
@ -27,6 +30,8 @@ type Resolver struct {
// BootstrapResolution may be empty, in which case clients should
// look up the DoT/DoH server using their local "classic" DNS
// resolver.
//
// As of 2022-09-08, BootstrapResolution is not yet used.
BootstrapResolution []netip.Addr `json:",omitempty"`
}
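Review bot: The Addr comment now lists `"https://resolver.com/path"` as an accepted form while the `[TODO] "https://resolver.com/query-tmpl"` bullet a few lines below appears to stay in place, so a reader cannot tell which https form is actually implemented. The new bullet also does not say what a client does with an `https://` Addr whose host is not covered by the publicdns package. That matters because the added line states that BootstrapResolution is not yet used, so nothing on the page shows where such a client would get a dial address. I would drop or reword the query-tmpl TODO and add one sentence to the DoH bullet saying how other https:// values are handled, once confirmed against the resolver code. The Resolver struct begins outside the hunk.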