mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 06:37:08 +00:00
- ub_ctx_set_tls call for libunbound that enables DoT for the machines
set with ub_ctx_set_fwd. Patch from Florian Obser. git-svn-id: file:///svn/unbound/trunk@5080 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
5e4f0d65ce
commit
3d2dfc4769
@ -1,3 +1,7 @@
|
||||
28 January 2019: Wouter
|
||||
- ub_ctx_set_tls call for libunbound that enables DoT for the machines
|
||||
set with ub_ctx_set_fwd. Patch from Florian Obser.
|
||||
|
||||
25 January 2019: Wouter
|
||||
- Fix that tcp for auth zone and outgoing does not remove and
|
||||
then gets the ssl read again applied to the deleted commpoint.
|
||||
|
@ -20,6 +20,7 @@
|
||||
.B ub_ctx_config,
|
||||
.B ub_ctx_set_fwd,
|
||||
.B ub_ctx_set_stub,
|
||||
.B ub_ctx_set_tls,
|
||||
.B ub_ctx_resolvconf,
|
||||
.B ub_ctx_hosts,
|
||||
.B ub_ctx_add_ta,
|
||||
@ -72,6 +73,9 @@
|
||||
\fIint\fR isprime);
|
||||
.LP
|
||||
\fIint\fR
|
||||
\fBub_ctx_set_tls\fR(\fIstruct ub_ctx*\fR ctx, \fIint\fR tls);
|
||||
.LP
|
||||
\fIint\fR
|
||||
\fBub_ctx_resolvconf\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname);
|
||||
.LP
|
||||
\fIint\fR
|
||||
@ -227,6 +231,12 @@ for different zones, or to add multiple addresses for a particular zone.
|
||||
At this time it is only possible to set configuration before the
|
||||
first resolve is done.
|
||||
.TP
|
||||
.B ub_ctx_set_tls
|
||||
Enable DNS over TLS (DoT) for machines set with
|
||||
.B ub_ctx_set_fwd.
|
||||
At this time it is only possible to set configuration before the
|
||||
first resolve is done.
|
||||
.TP
|
||||
.B ub_ctx_resolvconf
|
||||
By default the root servers are queried and full resolver mode is used, but
|
||||
you can use this call to read the list of nameservers to use from the
|
||||
|
@ -966,6 +966,19 @@ ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr)
|
||||
return UB_NOERROR;
|
||||
}
|
||||
|
||||
int ub_ctx_set_tls(struct ub_ctx* ctx, int tls)
|
||||
{
|
||||
lock_basic_lock(&ctx->cfglock);
|
||||
if(ctx->finalized) {
|
||||
lock_basic_unlock(&ctx->cfglock);
|
||||
errno=EINVAL;
|
||||
return UB_AFTERFINAL;
|
||||
}
|
||||
ctx->env->cfg->ssl_upstream = tls;
|
||||
lock_basic_unlock(&ctx->cfglock);
|
||||
return UB_NOERROR;
|
||||
}
|
||||
|
||||
int ub_ctx_set_stub(struct ub_ctx* ctx, const char* zone, const char* addr,
|
||||
int isprime)
|
||||
{
|
||||
|
@ -20,6 +20,7 @@ ub_ctx_set_event
|
||||
ub_ctx_set_fwd
|
||||
ub_ctx_set_option
|
||||
ub_ctx_set_stub
|
||||
ub_ctx_set_tls
|
||||
ub_ctx_trustedkeys
|
||||
ub_ctx_zone_add
|
||||
ub_ctx_zone_remove
|
||||
|
@ -309,6 +309,17 @@ int ub_ctx_config(struct ub_ctx* ctx, const char* fname);
|
||||
*/
|
||||
int ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr);
|
||||
|
||||
/**
|
||||
* Use DNS over TLS to send queries to machines set with ub_ctx_set_fwd().
|
||||
*
|
||||
* @param ctx: context.
|
||||
* At this time it is only possible to set configuration before the
|
||||
* first resolve is done.
|
||||
* @param tls: enable or disable DNS over TLS
|
||||
* @return 0 if OK, else error.
|
||||
*/
|
||||
int ub_ctx_set_tls(struct ub_ctx* ctx, int tls);
|
||||
|
||||
/**
|
||||
* Add a stub zone, with given address to send to. This is for custom
|
||||
* root hints or pointing to a local authoritative dns server.
|
||||
|
Loading…
Reference in New Issue
Block a user