Skip to content
Snippets Groups Projects
Select Git revision
  • debian/main
  • main default
  • debian/0.5-1
  • hddemux-0.5
  • debian/0.4-8
  • debian/0.4-7
  • debian/0.4-6
  • debian/0.4-5
  • debian/0.4-4
  • debian/0.4-3
  • debian/0.4-2
  • debian/0.4-1
  • hddemux-0.4
  • hddemux-0.3
  • debian/0.3-1
  • draft-dkg-dprive-demux-dns-http-03
  • draft-dkg-dprive-demux-dns-http-02
  • draft-dkg-dprive-demux-dns-http-01
  • debian/0.2-2
  • debian/0.2-1
  • hddemux-0.2
  • debian/0.1-1
22 results
Compare
Name Last commit Last update
.gitignore
LICENSE
Makefile
README.md
TODO.md
draft-dkg-dprive-demux-dns-http.md
hddemux.1.md
hddemux.c
hddemux.conf
hddemux.service
hddemux.socket
README.md

Given restrictive firewalls and intrusive network monitors, it can be both privacy-preserving and connectivity-enhancing to be able to serve both HTTPS (HTTP/1.x) and DNS-over-TLS from the same TCP port.

This project aims to document specifically how that can be done safely, and to provide simple code to demonstrate the mechanism.

As of this writing, the code is deployed and in-use at the host dns.cmrg.net, which offers both HTTPS and a full recursive resolver (via DNS-over-TLS), both on port 443. Please see https://dns.cmrg.net for more details of that service.

This project includes:

  • hddemux.c -- a libuv-based HTTP/1.x and DNS multiplexing server

  • hddemux.socket and hddemux.service -- systemd units to manage hddemux

  • draft-dkg-dprive-demux-dns-http.md -- an Internet Draft documenting the rationale and the algorithm.

Patches and commentary welcome!