Pull request 1742: 5518-doh-panic

Updates #5425. Updates #5518. Squashed commit of the following: commit 74873bd47bab569d0a45361f2d87c0e33e0ed3fb Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Feb 20 17:54:44 2023 +0300 dnsforward: use Host when available commit 4eee3d655ec7eb84e0327dcf30603578772609e1 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Feb 20 17:24:24 2023 +0300 dnsforward: fix panic on unencrypted doh
2023-02-20 18:01:00 +03:00
parent 6f6ced33c1
commit a556ce8fb8
3 changed files with 82 additions and 29 deletions
--- a/internal/dnsforward/clientid.go
+++ b/internal/dnsforward/clientid.go
@@ -147,11 +147,24 @@ func (s *Server) clientIDFromDNSContext(pctx *proxy.DNSContext) (clientID string
 	return clientID, nil
 }

-// clientServerName returns the TLS server name based on the protocol.
+// clientServerName returns the TLS server name based on the protocol.  For
+// DNS-over-HTTPS requests, it will return the hostname part of the Host header
+// if there is one.
 func clientServerName(pctx *proxy.DNSContext, proto proxy.Proto) (srvName string, err error) {
 	switch proto {
 	case proxy.ProtoHTTPS:
-		srvName = pctx.HTTPRequest.TLS.ServerName
+		r := pctx.HTTPRequest
+		if connState := r.TLS; connState != nil {
+			srvName = connState.ServerName
+		} else if r.Host != "" {
+			var host string
+			host, err = netutil.SplitHost(r.Host)
+			if err != nil {
+				return "", fmt.Errorf("parsing host: %w", err)
+			}
+
+			srvName = host
+		}
 	case proxy.ProtoQUIC:
 		qConn := pctx.QUICConnection
 		conn, ok := qConn.(quicConnection)