From fe0ab2aa2e3e0fcfc075934219fce07a27043285 Mon Sep 17 00:00:00 2001 From: Kamary <6436370+kamarya@users.noreply.github.com> Date: Sat, 8 Feb 2020 10:13:27 -0500 Subject: [PATCH] fix libcurl problem with HTTP/2.0 Google DNS use HTTP/2.0 and some versions of libcurl fail to handle it correctly. Force libcurl to use HTTP/1.1 for now. --- inc/dnssec.h | 2 +- src/dnssec.c | 28 ++++++++++++++++++---------- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/inc/dnssec.h b/inc/dnssec.h index 1060bf0..b096a42 100644 --- a/inc/dnssec.h +++ b/inc/dnssec.h @@ -20,7 +20,7 @@ #define PIDFILE "/var/run/dnsd.pid" -#define LICENSE "DNSd Copyright (C) 2016 Behrooz Kamary Aliabadi.\n"\ +#define LICENSE "DNSd Copyright (C) 2016 Behrooz Kamary.\n"\ "This program comes with ABSOLUTELY NO WARRANTY. \n"\ "You should have received a copy of the GNU General Public License\n"\ "along with this program. If not, see ." diff --git a/src/dnssec.c b/src/dnssec.c index 6953df9..d1af679 100644 --- a/src/dnssec.c +++ b/src/dnssec.c @@ -153,7 +153,7 @@ size_t body_callback (void* contents, size_t size, size_t nmemb, void* userp) return chunk; } -void https_query (struct dns_query* query) +int https_query (struct dns_query* query) { CURL* curl; @@ -197,6 +197,10 @@ void https_query (struct dns_query* query) // do not check the SSL certificate authenticity //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); + + // failed to work with libcurl/7.65.3 and HTTP/2.0 + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); + curl_easy_setopt(curl, CURLOPT_TIMEOUT, options.server_timeout); if (options.https_proxy[0]) @@ -211,17 +215,21 @@ void https_query (struct dns_query* query) res = curl_easy_perform(curl); + curl_easy_cleanup(curl); + curl_slist_free_all(headers); + LOG_DEBUG("curl_easy_perform() has returned."); + if (res != CURLE_OK) { LOG_ERROR("curl_easy_perform() failed: %s", curl_easy_strerror(res)); + return EXIT_FAILURE; } - - curl_easy_cleanup(curl); - curl_slist_free_all(headers); - LOG_DEBUG("curl_easy_perform() has returned."); + return EXIT_SUCCESS; } curl_global_cleanup(); + + return EXIT_FAILURE; } int server() @@ -351,11 +359,11 @@ int server() // TODO support multiple questions; however it seems others don't. if (ntohs(header->q_count) == 1) { - https_query(&query); - - char* answer = (char *)(buffer + sizeof(struct dns_question) + sizeof(struct dns_header) + dnlen + 1); - - answer_length = json_to_answer(answer, header, max_len); + if (https_query(&query) == EXIT_SUCCESS) + { + char* answer = (char *)(buffer + sizeof(struct dns_question) + sizeof(struct dns_header) + dnlen + 1); + answer_length = json_to_answer(answer, header, max_len); + } } if (!answer_length)