This issue has two parts with the general theme being extended options/configuration support.
Currently the path is hard coded to "/dns-query". While this works for Google, Cloudflare and is mentioned in the DNS-over-HTTPS RFC, not all DoH servers may use that. As long as they correspond to POST requests still, the HTTPS resolver should still be able to communicate with them if the path was set to what they use.
Current thought is a custom static method to create an instance of NameServer with options for HTTPS resolvers:
NameServer.CreateHttps(IPEndPoint, HttpsResolverOptions);
Examples of DoH servers that don't, as raised to me via email (I do not know nor endorse these, they purely serve as an example of alternative DoH paths in the wild):
https://doh.applied-privacy.net/query
https://doh.cleanbrowsing.org/doh/security-filter
https://doh.cleanbrowsing.org/doh/adult-filter
Currently DNS-over-TLS doesn't allow you to easily specify the DNS host name for the resolver in terms of validating the certificate. Similar to the above with HTTPS options, a more functional way to modify options for a TLS connection would be nicer than creating a custom resolver manually.
Related #19
For the case of general nested resolving, both of these could be extended to have an async variant that allows resolving of a DNS server which would create the NameServer instance. This would need to create a one-off DNS client to somewhere to resolve it and will need to be provided a name server to connect to.
For example, something like this:
NameServer.CreateHttpsAsync(Uri httpsDnsServer, NameServer resolvedVia, HttpsResolverOptions);
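The configurable-path idea from the first part of the issue, as an added example that is not the project's own code: it builds an RFC 8484 POST request whose path comes from an options object instead of a hard-coded "/dns-query". `DohOptions` and `DohRequestBuilder` are hypothetical names, the hosts and paths are the ones listed in the issue, and `example.com` is a constructed query name.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;

// Hypothetical options type for this example; not the library's HttpsResolverOptions.
public sealed record DohOptions(string Path = "/dns-query");

public static class DohRequestBuilder
{
    // Encodes a single-question query (QTYPE A, QCLASS IN) in DNS wire format.
    public static byte[] BuildQuery(string name)
    {
        var bytes = new List<byte>
        {
            0, 0,                        // ID: RFC 8484 recommends 0 so HTTP caches can match responses
            0x01, 0x00,                  // flags: recursion desired
            0, 1, 0, 0, 0, 0, 0, 0       // QDCOUNT = 1; ANCOUNT, NSCOUNT, ARCOUNT = 0
        };
        foreach (var label in name.TrimEnd('.').Split('.'))
        {
            var raw = Encoding.ASCII.GetBytes(label);
            if (raw.Length is 0 or > 63) throw new ArgumentException("Invalid label", nameof(name));
            bytes.Add((byte)raw.Length); // each label is length-prefixed
            bytes.AddRange(raw);
        }
        bytes.AddRange(new byte[] { 0, 0, 1, 0, 1 }); // root label, QTYPE = A, QCLASS = IN
        return bytes.ToArray();
    }

    // Builds the POST request; only the path differs between DoH servers.
    public static HttpRequestMessage BuildPost(string host, DohOptions options, string queryName)
    {
        var uri = new UriBuilder(Uri.UriSchemeHttps, host) { Path = options.Path }.Uri;
        var request = new HttpRequestMessage(HttpMethod.Post, uri) { Content = new ByteArrayContent(BuildQuery(queryName)) };
        request.Content.Headers.ContentType = new MediaTypeHeaderValue("application/dns-message");
        request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/dns-message"));
        return request;
    }

    public static void Main()
    {
        // Hosts and paths taken from the issue text; nothing is sent over the network here.
        var servers = new[] { ("doh.applied-privacy.net", "/query"), ("doh.cleanbrowsing.org", "/doh/security-filter") };
        foreach (var (host, path) in servers)
            using (var request = BuildPost(host, new DohOptions(path), "example.com"))
                Console.WriteLine($"{request.Method} {request.RequestUri} ({request.Content!.Headers.ContentLength} bytes)");
    }
}
```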