From 613c63b165829a0b3e5bfc3a72eff21d96ab4874 Mon Sep 17 00:00:00 2001
From: RPRX <63339210+RPRX@users.noreply.github.com>
Date: Sat, 8 Feb 2025 18:05:41 +0000
Subject: [PATCH] DNS DoH h2c Remote: Add `verifyPeerCertInNames` "fromMitm" support

https://github.com/XTLS/Xray-core/issues/4313#issuecomment-2645838663
---
 app/dns/nameserver_doh.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/dns/nameserver_doh.go b/app/dns/nameserver_doh.go
index 177c7561..f602d80a 100644
--- a/app/dns/nameserver_doh.go
+++ b/app/dns/nameserver_doh.go
@@ -54,7 +54,12 @@ func NewDoHNameServer(url *url.URL, dispatcher routing.Dispatcher, queryStrategy
 if err != nil {
 return nil, err
 }
- link, err := s.dispatcher.Dispatch(toDnsContext(ctx, s.dohURL), dest)
+ dnsCtx := toDnsContext(ctx, s.dohURL)
+ if h2c {
+ dnsCtx = session.ContextWithMitmAlpn11(dnsCtx, false) // for insurance
+ dnsCtx = session.ContextWithMitmServerName(dnsCtx, url.Hostname())
+ }
+ link, err := s.dispatcher.Dispatch(dnsCtx, dest)
 select {
 case <-ctx.Done():
 return nil, ctx.Err()
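Review bot: The two context values set under `if h2c` are security-relevant but undocumented: going by the commit subject, the name from `url.Hostname()` is what an outbound configured with `verifyPeerCertInNames` "fromMitm" will match the upstream certificate against, and `// for insurance` does not say what is being insured. I would replace that comment with something like `// h2c adds no TLS here; the outbound is expected to verify the peer cert against the DoH host set below` and add a short reason for forcing the ALPN flag to `false`. The hunk also passes `url.Hostname()` through unchecked, and how the downstream verification treats an empty or IP-literal host is not visible here, so that should be confirmed or guarded before the dispatch. The enclosing closure in `NewDoHNameServer` starts and ends outside the hunk.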