#dns #dns-queries #https #sending #default #hostnames #d-oh

bin+lib dnsoverhttps

Resolve hostnames by sending DNS queries over HTTPS

6 releases (breaking)

Uses old Rust 2015

0.6.0 Sep 20, 2018
0.5.0 Jun 5, 2018
0.4.0 Apr 1, 2018
0.3.0 Apr 1, 2018
0.1.0 Feb 6, 2018

#21 in #dns-queries

MIT license

12KB
165 lines

dnsoverhttps - D'oh!

Resolve hostnames by sending DNS queries over HTTPS. It uses https://1.1.1.1 as the DNS resolver by default, hosted by Cloudflare. According to Cloudflare it is a privacy-first consumer DNS service. See https://1.1.1.1 for more information.

Based on https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-07.

Drawbacks

  • When specifing a URL, the hostname has to be specified as well for use in HTTP. The TLS Certificate received from the server is validated, but not checked for the correct hostname..
  • Only handles A and AAAA records for now (IPv4 & IPv6, this implicitely handles CNAMES when they are resolved recursively)

Example: Default resolver

let addr = dnsoverhttps::resolve_host("example.com");

Example: Custom resolver

let client = dnsoverhttps::Client::from_url_with_hostname("https://172.217.21.110/experimental", "dns.google.com".to_string()).unwrap();
let addr = client.resolve_host("example.com");

CLI Usage

dnsoverhttps comes with a small CLI utility providing host functionality to resolve hostnames:

$ host example.com
example.com has address 2606:2800:220:1:248:1893:25c8:1946
example.com has address 93.184.216.34

To install:

cargo install dnsoverhttps

License

MIT. See LICENSE.

Dependencies

~26–36MB
~630K SLoC