dig doesn't respect +timeout when using +https

Summary

dig 9.18 does not respect the connection timeout argument when using DOH. The timeout setting seems to be incorrectly passed to isc_nm_httpconnect().

BIND version affected

9.18.18 (Ubuntu package) 9.18 branch (9.18.28-dev) (built from source)

$ dig -v DiG 9.18.18-0ubuntu0.22.04.2-Ubuntu

Steps to reproduce

• Use +https
• Use a +timeout
• Force a timeout by using an incorrect port

$ time dig +https @8.8.8.8 isc.org +timeout=1 +tries=1 -p1234

;; Connection to 8.8.8.8#1234(8.8.8.8) for isc.org failed: timed out.

real	2m1.108s
user	0m0.009s
sys	0m0.014s

What is the current bug behavior?

Observed: timeout after 2 minutes

What is the expected correct behavior?

Expected: timeout after 2s

Possible root cause and fix

bin/dig/dighost.c calls isc_nm_httpconnect here https://github.com/isc-projects/bind9/blob/v9.18.18/bin/dig/dighost.c#L3086 The timeout setting (local_timeout) is the 11th argument.

isc_nm_httpconnect is here: https://github.com/isc-projects/bind9/blob/v9.18.18/lib/isc/netmgr/http.c#L1439 The timeout setting (timeout) is the 10th argument.

The 10th and 11th args seem to be reversed. This patch against the head of the 9.18 branch fixed the issue for me

--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@@ -3086,7 +3086,7 @@ start_tcp(dig_query_t *query) {
                        isc_nm_httpconnect(netmgr, &localaddr, &query->sockaddr,
                                           uri, !query->lookup->https_get,
                                           tcp_connected, connectquery, tlsctx,
-                                          sess_cache, 0, local_timeout);
+                                          sess_cache, local_timeout, 0);