-
-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hostname verification over TLS #29
Comments
I was wondering if this could be solved like this (based on google dns):
Then you have the IP (no DNS leakage due to hostname resolution by doggo) already, and the hostname specified. Seems the libraries/modules used already to hostname-verification if a hostname is used (but I could be wrong). But it seems as soon as BTW: Using the |
Hm, that seems a bug. I'll investigate. |
It is actually doing both when specified:
I think when something else then This is also nice to have all dns traffic encrypted, and prevent some unencrypted leakage during bootstrap of the hostname IP. Great tool BTW, keep up the good work! |
I've decided to add 2 new flags:
Will push soon. |
Released https://github.com/mr-karan/doggo/releases/tag/v0.5.2 which has these flags. Feel free to re-open in case I missed something. |
Hi,
Just came across this doggo after looking for a way to do DoT lookups, looks neat and appreciate the colored formatting, nice work.
I want to do a lookup with a couple of specific nameservers but it requires tls hostname verification.
Is there a way we can pass the expected hostname of the dns resolver like
adblock.doh.mullvad.net
for verification?If I use
doggo google.se @tls://adblock.doh.mullvad.net
, the lookup succeeds but then I do not know which of mullvad's servers responded (there are 2 nameservers listed under adblock.doh.mullvad.net) and I want to be able to test them individually.The text was updated successfully, but these errors were encountered: