Per the above commit, this is blocked on TLS support for IP endpoints in Rust, which are commonly used for DoT (meanwhile DoH is often given as a hostname so we support DoH). See also these multiyear issues:
- https://github.com/briansmith/webpki/issues/54 (underlying problem)
Another solution could be to just punt on the lack of IP endpoint support and tell people to use hostname DoT endpoints, but TLS support in Rust still seems really unstable, so digging into using a TLS library directly could end up creating its own headaches. For example I'm currently hitting compatibility problems with webpki 0.21.4 -> 0.22.0 where it's renaming some types (why?) and thereby causing issues with async_rustls.
Given this I'm going to mark this low priority. If someone really cares about DoT someday then maybe it'll be worth the headache of TLS with Rust.
An alternate solution may be to just abandon rustls entirely and use
async-native-tlsinstead. We were previously getting errors like
http2 error: protocol error: frame with invalid sizedue to lack of support for ALPN when using it in the hyper-based filter download client.
That support may be fixed as of rust-native-tls 0.2.7: https://github.com/sfackler/rust-native-tls/pull/194
However async-native-tls is still on rust-native-tls 0.2.3: https://github.com/async-email/async-native-tls/blob/master/Cargo.toml#L18