main: Configure the TLS transport
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 11 May 2026 16:50:03 +0000 (16:50 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 11 May 2026 16:50:03 +0000 (16:50 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
main.c

diff --git a/main.c b/main.c
index dc274e4cca935d602be563a1abbc98b548b2dd91..e9aa4d4d289b378f7efb14b36d6841ae0fe69475 100644 (file)
--- a/main.c
+++ b/main.c
@@ -56,7 +56,9 @@ typedef struct ctx {
        isc_sockaddr_t source_address;
 
        // Transport
-       dns_transport_type_t transport;
+       dns_transport_type_t transport_type;
+       dns_transport_list_t* transports;
+       dns_transport_t* transport;
        uint32_t port;
 
        // Zones
@@ -269,7 +271,7 @@ static int do_transfer(dns_zone_t* zone, uint32_t serial) {
        dns_zone_setminxfrratein(zone, 10240, 300);
 
        dns_xfrin_create(zone, xfrtype, &ctx.primary_address, &ctx.source_address, NULL,
-               ctx.transport, NULL, ctx.tlsctx_cache, ctx.memctx, &xfrin);
+               ctx.transport_type, ctx.transport, ctx.tlsctx_cache, ctx.memctx, &xfrin);
 
        // Start the transfer
        return dns_xfrin_start(xfrin, transfer_done);
@@ -381,6 +383,38 @@ ERROR:
        zone_done(zone);
 }
 
+static int configure_transports(void) {
+       dns_name_t* name = NULL;
+       int r;
+
+       // Use the name of the primary
+       r = dns_name_from_string(&name, ctx.primary);
+       if (r) {
+               ERROR("Failed to parse the transport name %s: %s\n",
+                       ctx.primary, isc_result_totext(r));
+               return r;
+       }
+
+       // Allocate a new transport list
+       ctx.transports = dns_transport_list_new(ctx.memctx);
+
+       // Allocate a new transport
+       ctx.transport = dns_transport_new(name, ctx.transport_type, ctx.transports);
+
+       // Set the remote hostname (for TLS SNI)
+       switch (ctx.transport_type) {
+               case DNS_TRANSPORT_TLS:
+                       dns_transport_set_remote_hostname(ctx.transport, ctx.primary);
+                       dns_transport_set_tlsname(ctx.transport, ctx.primary);
+                       break;
+
+               default:
+                       break;
+       }
+
+       return 0;
+}
+
 static void run_loop(void* data) {
        struct in_addr any = {
                .s_addr = INADDR_ANY,
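Review bot: The `DNS_TRANSPORT_TLS` case in configure_transports() does not say whether the primary's certificate is actually authenticated, and the comment `// Set the remote hostname (for TLS SNI)` probably undersells the call. As far as I know, in BIND 9 a remote hostname on a transport also enables certificate verification against that name, using the default trust store when no CA file is set; nothing in this hunk configures a CA file, so this should be confirmed against the libdns version in use. I would replace the comment with `// Remote hostname: used for SNI and, presumably, to verify the primary's certificate (no CA file set; confirm the default trust store applies)`. If `ctx.primary` can be an IP literal rather than a hostname, that case deserves its own line, because name-based verification may then behave differently. Separately, `name` from dns_name_from_string() is not released in this hunk or in the destroy_loop() hunk, so unless dns_transport_new() takes ownership it looks leaked.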
@@ -398,6 +432,11 @@ static void run_loop(void* data) {
        // Create the source address
        isc_sockaddr_fromin(&ctx.source_address, &any, 0);
 
+       // Configure transports
+       r = configure_transports();
+       if (r)
+               goto ERROR;
+
        // Create a view
        r = dns_view_create(ctx.memctx, ctx.loopmgr, ctx.dispatchmgr,
                        dns_rdataclass_in, "default", &ctx.view);
@@ -425,6 +464,14 @@ static void destroy_loop(void* data) {
        if (ctx.view)
                dns_view_detach(&ctx.view);
 
+       // Destroy the transport
+       if (ctx.transport)
+               dns_transport_detach(&ctx.transport);
+
+       // Destroy the transport list
+       if (ctx.transports)
+               dns_transport_list_detach(&ctx.transports);
+
        // Destroy the zone manager
        if (ctx.zonemgr) {
                dns_zonemgr_shutdown(ctx.zonemgr);
@@ -512,12 +559,12 @@ static error_t parse(int key, char* arg, struct argp_state* state) {
                case OPT_TRANSPORT:
                        // TCP
                        if (strcmp(arg, "TCP") == 0) {
-                               ctx.transport = DNS_TRANSPORT_TCP;
+                               ctx.transport_type = DNS_TRANSPORT_TCP;
                                ctx.port = 53;
 
                        // TLS
                        } else if (strcmp(arg, "TLS") == 0) {
-                               ctx.transport = DNS_TRANSPORT_TLS;
+                               ctx.transport_type = DNS_TRANSPORT_TLS;
                                ctx.port = 853;
 
                        // Fail on unknown transport