南宫雪珊

What is the meaning of `--ech false`, why not delete `--ech`?

https://github.com/curl/curl/blob/9742dba5234ae8a717468856382a40991a18df74/docs/cmdline-opts/ech.d#L10 What if i want `hard` + base64 ECHConfigList? My thoughts: --ech true/false/hard/grease[:string] The string is optional, if it has a dot then it is public_name, otherwise it is base64...

``` curl --ech true --doh-url https://1.0.0.1/dns-query https://crypto.cloudflare.com/cdn-cgi/trace -v ...... * a DoH request is completed, 2 to go * a DoH request is completed, 1 to go * Connection #1...

``` C/C++: [armeabi-v7a] Compile thumb : curl_static

This is not a problem with boringssl, cloudflare network rejects ech when using warp.

> Any more info on it? No, cloudflare doesn't publicly document this behavior, I'm guessing because it's already on the cloudflare intranet, ech is pointless. You can test it by...

> I wonder if GREASEd ECH would also fail similarly. ``` curl --ech GREASE --doh-url https://1.0.0.1/dns-query https://crypto.cloudflare.com/cdn-cgi/trace fl=467f66 h=crypto.cloudflare.com ip= ts=1707312347.172 visit_scheme=https uag=curl/8.6.1-DEV colo= sliver=none http=http/2 loc= tls=TLSv1.3 sni=plaintext warp=plus...

``` curl.exe --http3-only https://crypto.cloudflare.com/cdn-cgi/trace -v * Trying [2606:4700:7::a29f:8955]:443... * QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256 * CAfile: curl-ca-bundle.crt * CApath: none * Trying [2606:4700:7::a29f:8955]:443... * Closing connection curl: (43) A libcurl function...

``` curl.exe --http3 https://crypto.cloudflare.com/cdn-cgi/trace --trace-config all -v 00:42:25.222384 [0-0] * [HTTPS-CONNECT] added 00:42:25.227719 [0-0] * [HTTPS-CONNECT] connect, init 00:42:25.231975 [0-0] * [HAPPY-EYEBALLS] created ipv6 (timeout 149990ms) 00:42:25.235889 [0-0] * [HAPPY-EYEBALLS]...

I don't have a Windows build environment...