address '--disable-doh' failures

Change 5756 (GL #2854) introduced build errors when using
'configure --disable-doh'.  To fix this, isc_nm_is_http_handle() is
now defined in all builds, not just builds that have DoH enabled.

Missing code comments were added both for that function and for
isc_nm_is_tlsdns_handle().

lib/isc/include/isc/netmgr.h

@@ -502,6 +502,17 @@ isc_nm_tlsdnsconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
 
 bool
 isc_nm_is_tlsdns_handle(isc_nmhandle_t *handle);
+/*%<
+ * Returns 'true' iff 'handle' is associated with a socket of type
+ * 'isc_nm_tlsdnssocket'.
+ */
+
+bool
+isc_nm_is_http_handle(isc_nmhandle_t *handle);
+/*%<
+ * Returns 'true' iff 'handle' is associated with a socket of type
+ * 'isc_nm_httpsocket'.
+ */
 
 #if HAVE_LIBNGHTTP2
 
@@ -578,11 +589,12 @@ isc_nm_http_endpoints_detach(isc_nm_http_endpoints_t **restrict epsp);
  * isc_nm_http_endpoints_t object.
  */
 
-bool
-isc_nm_is_http_handle(isc_nmhandle_t *handle);
-
 bool
 isc_nm_http_path_isvalid(const char *path);
+/*%<
+ * Returns 'true' if 'path' matches the format requirements for
+ * the path component of a URI as defined in RFC 3986 section 3.3.
+ */
 
 void
 isc_nm_http_makeuri(const bool https, const isc_sockaddr_t *sa,

lib/isc/netmgr/http.c

@@ -2847,14 +2847,6 @@ failed_read_cb(isc_result_t result, isc_nm_http_session_t *session) {
 	}
 }
 
-bool
-isc_nm_is_http_handle(isc_nmhandle_t *handle) {
-	REQUIRE(VALID_NMHANDLE(handle));
-	REQUIRE(VALID_NMSOCK(handle->sock));
-
-	return (handle->sock->type == isc_nm_httpsocket);
-}
-
 void
 isc__nm_http_set_maxage(isc_nmhandle_t *handle, const uint32_t ttl) {
 	isc_nm_http_session_t *session;

lib/isc/netmgr/netmgr.c

@@ -3456,14 +3456,26 @@ isc_nm_is_tlsdns_handle(isc_nmhandle_t *handle) {
 	return (handle->sock->type == isc_nm_tlsdnssocket);
 }
 
+bool
+isc_nm_is_http_handle(isc_nmhandle_t *handle) {
+	REQUIRE(VALID_NMHANDLE(handle));
+	REQUIRE(VALID_NMSOCK(handle->sock));
+
+	return (handle->sock->type == isc_nm_httpsocket);
+}
+
 void
 isc_nm_set_maxage(isc_nmhandle_t *handle, const uint32_t ttl) {
-	isc_nmsocket_t *sock;
+	isc_nmsocket_t *sock = NULL;
 
 	REQUIRE(VALID_NMHANDLE(handle));
 	REQUIRE(VALID_NMSOCK(handle->sock));
 	REQUIRE(!atomic_load(&handle->sock->client));
 
+#if !HAVE_LIBNGHTTP2
+	UNUSED(ttl);
+#endif
+
 	sock = handle->sock;
 	switch (sock->type) {
 #if HAVE_LIBNGHTTP2

lib/ns/query.c

@@ -12034,32 +12034,33 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) {
 			break; /* Let the query logic handle it. */
 		case dns_rdatatype_ixfr:
 		case dns_rdatatype_axfr:
-#if HAVE_LIBNGHTTP2
 			if (isc_nm_is_http_handle(handle)) {
-				/* We cannot use DoH for zone transfers.
+				/*
-				 * According to RFC8484 a DoH request contains
+				 * We cannot use DoH for zone transfers.
+				 * According to RFC 8484 a DoH request contains
 				 * exactly one DNS message (see Section 6:
 				 * Definition of the "application/dns-message"
-				 * Media Type,
+				 * Media Type).
-				 * https://datatracker.ietf.org/doc/html/rfc8484#section-6).
+				 *
 				 * This makes DoH unsuitable for zone transfers
 				 * as often (and usually!) these need more than
 				 * one DNS message, especially for larger zones.
 				 * As zone transfers over DoH are not (yet)
-				 * standardised, nor discussed in the RFC8484,
+				 * standardised, nor discussed in RFC 8484,
 				 * the best thing we can do is to return "not
-				 * implemented". */
+				 * implemented".
+				 */
 				query_error(client, DNS_R_NOTIMP, __LINE__);
 				return;
 			}
-#endif
 			if (isc_nm_is_tlsdns_handle(handle) &&
 			    !isc_nm_xfr_allowed(handle)) {
-				/* Currently this code is here for DoT, which
+				/*
+				 * Currently this code is here for DoT, which
 				 * has more complex requirements for zone
-				 * transfers compared to
+				 * transfers compared to other stream
-				 * other stream protocols. See RFC9103 for
+				 * protocols. See RFC 9103 for details.
-				 * the details. */
+				 */
 				query_error(client, DNS_R_REFUSED, __LINE__);
 				return;
 			}