Closed sblighting closed 4 years ago
all merged, thanks!
The ESNI implementation of firefox requires ATM that firefox resolves DNs itself suing its own DoH implementation. See the bugzilla ticket [1]. Some users might want this. Therefore it would be help full to have an --allow-local-doh
options.
ESNI references:
about:config
: network.security.esni.enabled
https://bugzilla.mozilla.org/show_bug.cgi?id=1500289 [1]
https://www.cloudflare.com/ssl/encrypted-sni (Test)
https://en.wikipedia.org/wiki/ESNI
https://blog.cloudflare.com/esni/
FYI: network.trr.mode = 3
(=DoH without system fallback) requires network.trr.bootstrapAddress
so firefox can still use DoH if it has an IP-Addr rather than only a domain name.
Why does firefox' spell checker not know the word firefox?
I'm adding --allow-local-doh :)
etc/doh - doh domain list etd/apparmor/usr.bin.fdns - and etc/doh to apparmor list src/fdns/filter.c - add some doh servers in default list, renamed some functions for consistency src/fdns/server.c - push our servers in the ad-filter list src/fdns/main.c - load our server list for test commands src/fdns/fdns.h - compile warnings