added tls client configuration for doh and doq

mr-karan · Dec 9, 2023 · 89224c7 · 89224c7 · trap13star11 · Feb 23, 2024
1 parent 371f014
commit 89224c7
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/pkg/resolvers/doh.go b/pkg/resolvers/doh.go
@@ -2,6 +2,7 @@ package resolvers
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/base64"
 	"fmt"
 	"io/ioutil"
@@ -30,8 +31,14 @@ func NewDOHResolver(server string, resolverOpts Options) (Resolver, error) {
 	if u.Scheme != "https" {
 		return nil, fmt.Errorf("missing https in %s", server)
 	}
+	transport := http.DefaultTransport.(*http.Transport).Clone()
+	transport.TLSClientConfig = &tls.Config {
+		ServerName:         resolverOpts.TLSHostname,
+		InsecureSkipVerify: resolverOpts.InsecureSkipVerify,
+	}
 	httpClient := &http.Client{
 		Timeout: resolverOpts.Timeout,
+		Transport: transport,
 	}
 	return &DOHResolver{
 		client:          httpClient,

diff --git a/pkg/resolvers/doq.go b/pkg/resolvers/doq.go
@@ -26,7 +26,9 @@ type DOQResolver struct {
 func NewDOQResolver(server string, resolverOpts Options) (Resolver, error) {
 	return &DOQResolver{
 		tls: &tls.Config{
-			NextProtos: []string{"doq"},
+			NextProtos: 		[]string{"doq"},
+			ServerName: 		resolverOpts.TLSHostname,
+			InsecureSkipVerify: 	resolverOpts.InsecureSkipVerify,
 		},
 		server:          server,
 		resolverOptions: resolverOpts,