test DoH support:
$ ./dohclient -s 127.0.0.1 nlnetlabs.nl AAAA IN
Which outputs:
> nghttp2 session mem_recv failed
Finally, install the fixed package, as proposed in the linked MP, restart unbound, and verify DoH support again:
$ ./dohclient -s 127.0.0.1 nlnetlabs.nl AAAA IN
Which outputs a proper response, including
> :status 200
The patch proposed at
https:/ /code.launchpad .net/~athos- ribeiro/ ubuntu/ +source/ unbound/ +git/unbound/ +merge/ 405055
Enables DoH for unbound.
The change can be tested using the upstream test "dohclient". One possible way of reproducing the bug and verifying the changes follows:
Create the tsting binary:
$ git ubuntu clone unbound
$ cd unbound
$ ./configure --with-libnghttp2
$ make dohclient
Install unbound:
# apt-get install unbound
Configure unbound by appending the following to /etc/unbound/ unbound. conf:
server: unbound_ server. key" unbound_ server. pem"
interface: 127.0.0.1@443
tls-service-key: "/etc/unbound/
tls-service-pem: "/etc/unbound/
https-port: 443
Restart unbound
$ systemctl restart unbound
test DoH support:
$ ./dohclient -s 127.0.0.1 nlnetlabs.nl AAAA IN
Which outputs:
> nghttp2 session mem_recv failed
Finally, install the fixed package, as proposed in the linked MP, restart unbound, and verify DoH support again:
$ ./dohclient -s 127.0.0.1 nlnetlabs.nl AAAA IN
Which outputs a proper response, including
> :status 200
which should confirm the fix.