0

When running the curl --doh-url https://dns-server.example.com https://www.example.com command, does curl --doh-url not take in an ip address? Can you not specify https://127.0.0.1 or something along the lines of an ip address? Trying to do this with libcurl code as well, but would like to specify the frontend ip address of a gcp load balancer. Also is the response of a curl --doh-url command just html text? I only see the doh dns response when I have the -v verbose flag on. Was wondering if there was another flag that just shows the dns response. Many thanks!

Daniel Stenberg
  • 54,736
  • 17
  • 146
  • 222
bwang
  • 49
  • 7
  • If you just want to use a DOH transport to some resolver to see results, you should just use a DNS client using DOH, not an HTTP one. `curl` uses the DOH endpoint as an intermediate step to resolve the name of the website to connect to and then retrieve content and hence give you HTML back or whatever the server gave it. The DOH step is just an intermediate computation. – Patrick Mevzek Nov 21 '19 at 23:09

2 Answers2

0

  1. Sure you can specify the DoH URL with an IP address. It requires that your DoH server has that IP in its certificate's subjectaltname though. (There's currently no --doh-insecure option to let you skip the cert check for DoH, possibly worked on in this pull request).

  2. No, a response of a curl --doh-url command is not just html text - that rather sounds like your server returns something bad That command line option just controls how curl resolves the name used in the URL and curl will then transfer the URL just as normal. If the DoH lookup fails, it will of course not transfer any URL though.

Daniel Stenberg
  • 54,736
  • 17
  • 146
  • 222
  • 1
    Good to know about the ip address/doh server cert feature! For the `curl --doh-url` response, I'm running something like `curl --doh-url https://cloudflare-dns.com/dns-query https://www.google.com` and getting just html. However, when I do `curl -v --doh-url https://cloudflare-dns.com/dns-query https://www.google.com`. I see the `* DOH A: 216.58.194.196` and `* DOH AAAA: 2607:f8b0:4005:080a:0000:0000:0000:2004`. This is with the google dns server as well. – bwang Nov 21 '19 at 23:01
  • Daniel: I think the user wants to access the results of the DOH query and display it. It gets HTML because it just downloads some webpage, whose results is unrelated to how the hostname was resolved. – Patrick Mevzek Nov 21 '19 at 23:11
  • @PatrickMevzek that's what I meant. Thank you for rephrasing! – bwang Nov 21 '19 at 23:28
  • The results of the name resolves are only ever shown in the verbose output, with or without `--doh-url`... We do however make a separate [doh](https://github.com/curl/doh) utility that shows the results of a DoH lookup. – Daniel Stenberg Nov 22 '19 at 07:12
0

curl's doh: stand-alone application for DoH name resolves and lookups.

  • Works with localhost / IP addresses.
  • Shows complete DNS request / response in verbose mode -v.
Amith
  • 730
  • 6
  • 22