Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsdist: Gather Server Name Indication on QUIC (DoQ, DoH3) connections #15024

Merged
merged 1 commit into from
Jan 23, 2025
Merged

dnsdist: Gather Server Name Indication on QUIC (DoQ, DoH3) connections #15024

merged 1 commit into from
Jan 23, 2025

Conversation

rgacogne
Copy link
Member

@rgacogne rgacogne commented Jan 9, 2025
edited
Loading

Short description

This PR adds Server Name Indication support for incoming QUIC (DoQ, DoH3) connections. It requires an accessor in the Quiche library that has not been merged yet, see cloudflare/quiche#1895

Closes #14048.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@rgacogne rgacogne added this to the dnsdist-2.0.0 milestone Jan 9, 2025
@rgacogne rgacogne requested a review from chbruyand January 9, 2025 14:40
@rgacogne rgacogne mentioned this pull request Jan 9, 2025
Closed
2 tasks
@rgacogne
Copy link
Member Author

rgacogne commented Jan 9, 2025

CI failure as expected since our version of Quiche lacks the required accessor:

FAILED test_SNI.py::TestSNI::testServerNameIndication - AssertionError: None is not true

@rgacogne
Copy link
Member Author

The accessor has been added to Quiche 🥳

@rgacogne rgacogne marked this pull request as ready for review January 23, 2025 09:39
@rgacogne
Copy link
Member Author

CI failure as expected since our version of Quiche lacks the required accessor

I have now gated the parts of this test that require the accessor behind the ENABLE_SNI_TESTS_WITH_QUICHE environment variable, and I'll create an issue to remember to enable it (or remote the gate?) once a new version of Quiche is available.

@rgacogne rgacogne mentioned this pull request Jan 23, 2025
Open
@coveralls
Copy link

Pull Request Test Coverage Report for Build 12926347037

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 26 of 26 (100.0%) changed or added relevant lines in 3 files are covered.
  • 46 unchanged lines in 12 files lost coverage.
  • Overall coverage increased (+0.03%) to 64.733%
Files with Coverage Reduction New Missed Lines %
pdns/recursordist/aggressive_nsec.cc 2 66.39%
pdns/dnsdistdist/dnsdist.cc 2 68.87%
pdns/recursordist/test-syncres_cc2.cc 3 88.85%
pdns/recursordist/syncres.cc 3 80.23%
pdns/misc.cc 3 62.77%
pdns/fstrm_logger.cc 3 44.08%
pdns/recursordist/recpacketcache.hh 3 89.55%
pdns/shuffle.cc 4 53.93%
pdns/recursordist/test-syncres_cc1.cc 5 89.84%
pdns/signingpipe.cc 5 83.91%
Totals Coverage Status
Change from base Build 12925097496: 0.03%
Covered Lines: 127873
Relevant Lines: 166459
💛 - Coveralls

@rgacogne rgacogne merged commit 2d3e3ea into PowerDNS:master Jan 23, 2025
81 checks passed
@rgacogne rgacogne deleted the ddist-quic-sni branch January 23, 2025 10:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chbruyand chbruyand chbruyand approved these changes

Assignees
No one assigned
Labels
dnsdist enhancement
Projects
None yet
Milestone
dnsdist-2.0.0
Development

Successfully merging this pull request may close these issues.

DNS over HTTP3 - no SNI for Apple devices
3 participants
@rgacogne @coveralls @chbruyand