if (vars->count("ciphersTLS13")) {
frontend->d_ciphers13 = boost::get<const string>((*vars)["ciphersTLS13"]);
}
+ if (vars->count("serverTokens")) {
+ frontend->d_serverTokens = boost::get<const string>((*vars)["serverTokens"]);
+ }
}
g_dohlocals.push_back(frontend);
auto cs = std::unique_ptr<ClientState>(new ClientState(frontend->d_local, true, reusePort, tcpFastOpenQueueSize, interface, cpus));
* ``idleTimeout=30``: int - Set the idle timeout, in seconds.
* ``ciphers``: str - The TLS ciphers to use, in OpenSSL format. Ciphers for TLS 1.3 must be specified via ``ciphersTLS13``.
* ``ciphersTLS13``: str - The TLS ciphers to use for TLS 1.3, in OpenSSL format.
+ * ``serverTokens``: str - The content of the Server: HTTP header returned by dnsdist. The default is "h2o/dnsdist".
.. function:: addTLSLocal(address, certFile(s), keyFile(s) [, options])
h2o_socket_getpeername(sock, reinterpret_cast<struct sockaddr*>(&remote));
DOHServerConfig* dsc = reinterpret_cast<DOHServerConfig*>(req->conn->ctx->storage.entries[0].data);
+ /* looks like we can't delete the Server: header with most versions of h2o */
+ h2o_set_header(&req->pool, &req->res.headers, H2O_TOKEN_SERVER, dsc->df->d_serverTokens.c_str(), dsc->df->d_serverTokens.size(), 1);
+
if(auto tlsversion = h2o_socket_get_ssl_protocol_version(sock)) {
if(!strcmp(tlsversion, "TLSv1.0"))
++dsc->df->d_tls10queries;
std::vector<std::pair<std::string, std::string>> d_certKeyPairs;
std::string d_ciphers;
std::string d_ciphers13;
+ std::string d_serverTokens{"h2o/dnsdist"};
ComboAddress d_local;
uint32_t d_idleTimeout{30}; // HTTP idle timeout in seconds