``+notcflag``. This bit is ignored by the server for QUERY.
``+[no]tcp``
- This option uses [or does not use] TCP when querying name servers. The default behavior
- is to use UDP unless a type ``any`` or ``ixfr=N`` query is requested,
- in which case the default is TCP. AXFR queries always use TCP.
+ This option indicates whether to use TCP when querying name servers.
+ The default behavior is to use UDP unless a type ``any`` or ``ixfr=N``
+ query is requested, in which case the default is TCP. AXFR queries
+ always use TCP.
``+timeout=T``
This option sets the timeout for a query to ``T`` seconds. The default timeout is
5 seconds. An attempt to set ``T`` to less than 1 is silently set to 1.
+``+[no]tls``
+ This option indicates whether to use DNS over TLS (DoT) when querying
+ name servers.
+
``+[no]topdown``
This feature is related to ``dig +sigchase``, which is obsolete and
has been removed. Use ``delv`` instead.
showsearch = false, is_dst_up = false, keep_open = false, verbose = false,
yaml = false;
in_port_t port = 53;
+bool port_set = false;
unsigned int timeout = 0;
unsigned int extrabytes;
isc_mem_t *mctx = NULL;
looknew->nsfound = 0;
looknew->tcp_mode = false;
looknew->tcp_mode_set = false;
+ looknew->tls_mode = false;
looknew->comments = true;
looknew->stats = true;
looknew->section_question = true;
looknew->ns_search_only = lookold->ns_search_only;
looknew->tcp_mode = lookold->tcp_mode;
looknew->tcp_mode_set = lookold->tcp_mode_set;
+ looknew->tls_mode = lookold->tls_mode;
looknew->comments = lookold->comments;
looknew->stats = lookold->stats;
looknew->section_question = lookold->section_question;
debug("start_tcp(%p)", query);
query_attach(query, &query->lookup->current_query);
+
+ /*
+ * For TLS connections, we want to override the default
+ * port number.
+ */
+ port = port_set ? port : (query->lookup->tls_mode ? 853 : 53);
+
result = get_address(query->servname, port, &query->sockaddr);
if (result != ISC_R_SUCCESS) {
/*
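Review bot: The added `port = port_set ? port : (query->lookup->tls_mode ? 853 : 53);` writes the file-scope `port` on every TCP start, so one lookup's TLS setting changes the value every other reader of `port` sees afterwards; a local keeps the choice per query, e.g. `in_port_t dst_port = port_set ? port : (query->lookup->tls_mode ? 853 : 53);` passed to `get_address()`. Named constants for 53 and 853 would also make the default-port rule easier to audit. Separately, `tls_mode` is consulted only on this TCP path in the visible hunks and the option parsing is not shown, so confirm that `+tls` forces TCP; otherwise a query the user expects to be encrypted could go out over cleartext UDP. The enclosing function starts and ends outside this hunk.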
REQUIRE(query != NULL);
- result = isc_nm_tcpdnsconnect(
- netmgr, (isc_nmiface_t *)&localaddr,
- (isc_nmiface_t *)&query->sockaddr, tcp_connected, query,
- local_timeout, 0);
- check_result(result, "isc_nm_tcpdnsconnect");
+ if (query->lookup->tls_mode) {
+ result = isc_nm_tlsdnsconnect(
+ netmgr, (isc_nmiface_t *)&localaddr,
+ (isc_nmiface_t *)&query->sockaddr,
+ tcp_connected, query, local_timeout, 0);
+ check_result(result, "isc_nm_tcpdnsconnect");
+ } else {
+ result = isc_nm_tcpdnsconnect(
+ netmgr, (isc_nmiface_t *)&localaddr,
+ (isc_nmiface_t *)&query->sockaddr,
+ tcp_connected, query, local_timeout, 0);
+ check_result(result, "isc_nm_tcpdnsconnect");
+ }
+
/* XXX: set DSCP */
}
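Review bot: The TLS branch reports failures under the wrong name: `check_result(result, "isc_nm_tcpdnsconnect");` after the `isc_nm_tlsdnsconnect(...)` call should read `check_result(result, "isc_nm_tlsdnsconnect");`, so that a failed DoT connect is not logged as a plain TCP failure. The `isc_nm_tlsdnsconnect()` call takes the same arguments as the TCP one, with no TLS context, trust anchor or expected server name visible, so this hunk does not show whether the server certificate is validated. If it is not, `+tls` protects only against passive observation, and the `+[no]tls` documentation should state that the server is not authenticated. The enclosing function begins outside this hunk.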
isc_nm_send(query->handle, &r, send_done, sendquery);
isc_refcount_increment0(&sendcount);
+ debug("sendcount=%" PRIuFAST32, isc_refcount_current(&sendcount));
/* XXX qrflag, print_query, etc... */
if (!ISC_LIST_EMPTY(query->lookup->q) && query->lookup->qr) {
if (keep != NULL) {
query->handle = keep;
}
+
isc_nmhandle_attach(query->handle, &query->sendhandle);
isc_nm_send(query->handle, &r, send_done, sendquery);
isc_refcount_increment0(&sendcount);
tcp_keepalive, header_only, ednsneg, mapped,
print_unknown_format, multiline, nottl, noclass, onesoa,
use_usec, nocrypto, ttlunits, idnin, idnout, expandaaaa, qr,
- setqid; /*% use a specified query ID */
+ setqid, /*% use a specified query ID */
+ tls_mode; /*% connect using TLS */
char textname[MXNAME]; /*% Name we're going to be
* looking up */
char cmdline[MXNAME];
extern bool check_ra, have_ipv4, have_ipv6, specified_source, usesearch,
showsearch, yaml;
extern in_port_t port;
+extern bool port_set;
extern unsigned int timeout;
extern isc_mem_t *mctx;
extern isc_refcount_t sendcount;