Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Peter van Dijk 
On Tue, 2020-09-29 at 02:31 +, Mark Delany wrote:
> On 28Sep20, cjc+dns-o...@pumpky.net allegedly wrote:
> > Looking for a command line tool to do testing of DoH. Something like
> > dig or drill with DoH support. I suspect there's a Python tool or
> > the like out there somewhere, but my google-fu is failing.
> > 
> > Don't want to re-invent the wheel if I don't have to.
> 
> Just to toot a little, trustydns-dig might do what you want.
> 
> 
> https://github.com/markdingo/trustydns/tree/master/cmd/trustydns-dig

To jump on the toot toot self-tooting train, 
https://doc.powerdns.com/authoritative/manpages/sdig.1.html also
supports DoH. It's part of pdns-tools, available via the
'authoritative' repos at https://repo.powerdns.com/

(DoT support is pending).

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Stephane Bortzmeyer 
On Tue, Sep 29, 2020 at 11:37:29AM +0200,
 Jeroen Massar via dns-operations  wrote 
 a message of 88 lines which said:

> one can also test quickly with Stéphane Bortzmeyer's script:
> https://www.bortzmeyer.org/files/test-doh.py

Now superseded by Homer 
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Jeroen Massar via dns-operations 
--- Begin Message ---

> On 20200929, at 10:47, Petr Špaček  wrote:
> 
> On 29. 09. 20 3:30, cjc+dns-o...@pumpky.net wrote:
>> Looking for a command line tool to do testing of DoH. Something like
>> dig or drill with DoH support. I suspect there's a Python tool or
>> the like out there somewhere, but my google-fu is failing.
>> 
>> Don't want to re-invent the wheel if I don't have to.
> 
> Knot DNS 3.0 has DoH support in kdig:
> 
> Examples for various DoH server implementations:
> $ kdig @1.1.1.1 +https example.com.
> $ kdig @193.17.47.1 +https=/doh example.com.
> $ kdig @8.8.4.4 +https +https-get example.com.
> 
> Version 3.0 was released couple weeks ago and might not be in Linux 
> distributions yet. Packages for common distributions and also source code is 
> available from https://www.knot-dns.cz/download/

Thanks Petr for adding that, very useful tool!
I was already using it for testing DoT, thus having DoH support in the same 
style/binary is very useful.
(kdig -d @ +tls-ca +tls-host= )


Otherwise, for DoH, for platforms where one has Python (gotta use what one has)
with (Debian: python3-dnspython python3-pycurl) one can also test quickly with 
Stéphane Bortzmeyer's script:

https://www.bortzmeyer.org/files/test-doh.py 

Greets,
 Jeroen


--- End Message ---
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Stephane Bortzmeyer 
On Mon, Sep 28, 2020 at 06:30:33PM -0700,
 cjc+dns-o...@pumpky.net  wrote 
 a message of 9 lines which said:

> Looking for a command line tool to do testing of DoH. Something like
> dig or drill with DoH support. I suspect there's a Python tool

https://framagit.org/bortzmeyer/homer

% homer https://doh.bortzmeyer.fr/ dns-oarc.net
id 0
opcode QUERY
rcode NOERROR
flags QR RD RA AD
edns 0
payload 4096
option ECS ::/0 scope/0
;QUESTION
dns-oarc.net. IN 
;ANSWER
dns-oarc.net. 120 IN  2620:ff:c000::198
;AUTHORITY
;ADDITIONAL

Total elapsed time: 1.20 seconds (1195.46 ms/request)
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] CLI Tool for DoH

2020-09-29 Thread Petr Špaček 
On 29. 09. 20 3:30, cjc+dns-o...@pumpky.net wrote:
> Looking for a command line tool to do testing of DoH. Something like
> dig or drill with DoH support. I suspect there's a Python tool or
> the like out there somewhere, but my google-fu is failing.
> 
> Don't want to re-invent the wheel if I don't have to.

Knot DNS 3.0 has DoH support in kdig:

Examples for various DoH server implementations:
$ kdig @1.1.1.1 +https example.com.
$ kdig @193.17.47.1 +https=/doh example.com.
$ kdig @8.8.4.4 +https +https-get example.com.

Version 3.0 was released couple weeks ago and might not be in Linux 
distributions yet. Packages for common distributions and also source code is 
available from https://www.knot-dns.cz/download/

-- 
Petr Špaček  @  CZ.NIC
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations