mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00

BIND: use Stream DNS for DNS over TCP connections

This commit makes BIND use the new Stream DNS transport for DNS over
TCP.
Artem Boldariev
2022-08-05 19:43:34 +03:00
parent 03e33a014c
commit cce52fa4a2
5 changed files with 17 additions and 16 deletions


@@ -249,9 +249,9 @@ run(void) {
read_cb, NULL, &sock); read_cb, NULL, &sock);
break; break;
case TCP: case TCP:
result = isc_nm_listentcpdns(netmgr, ISC_NM_LISTEN_ALL, result = isc_nm_listenstreamdns(
&sockaddr, read_cb, NULL, netmgr, ISC_NM_LISTEN_ALL, &sockaddr, read_cb, NULL,
accept_cb, NULL, 0, NULL, &sock); accept_cb, NULL, 0, NULL, NULL, &sock);
break; break;
case DOT: { case DOT: {
isc_tlsctx_createserver(NULL, NULL, &tls_ctx); isc_tlsctx_createserver(NULL, NULL, &tls_ctx);


@@ -2036,13 +2036,14 @@ tcp_dispatch_connect(dns_dispatch_t *disp, dns_dispentry_t *resp) {
peerbuf, resp->timeout); peerbuf, resp->timeout);
if (transport_type == DNS_TRANSPORT_TLS) { if (transport_type == DNS_TRANSPORT_TLS) {
isc_nm_tlsdnsconnect(disp->mgr->nm, &disp->local, isc_nm_streamdnsconnect(disp->mgr->nm, &disp->local,
&disp->peer, tcp_connected, disp, &disp->peer, tcp_connected,
resp->timeout, tlsctx, sess_cache); disp, resp->timeout, tlsctx,
sess_cache);
} else { } else {
isc_nm_tcpdnsconnect(disp->mgr->nm, &disp->local, isc_nm_streamdnsconnect(
&disp->peer, tcp_connected, disp, disp->mgr->nm, &disp->local, &disp->peer,
resp->timeout); tcp_connected, disp, resp->timeout, NULL, NULL);
} }
break; break;
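Review bot: In tcp_dispatch_connect both branches now call isc_nm_streamdnsconnect(), so whether the outgoing connection is encrypted appears to depend only on `tlsctx` being non-NULL. If `tlsctx` could ever be NULL while `transport_type == DNS_TRANSPORT_TLS`, the call would be indistinguishable from the plain-TCP one and the query might leave unencrypted; how `tlsctx` is obtained is outside this hunk, so this needs confirming against the surrounding code. An `INSIST(tlsctx != NULL);` as the first statement of the TLS branch would make the invariant explicit. With that in place the two branches could be folded into one call, since they differ only in the last two arguments. The function starts and ends outside the hunk.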


@@ -952,9 +952,9 @@ xfrin_start(dns_xfrin_ctx_t *xfr) {
*/ */
switch (transport_type) { switch (transport_type) {
case DNS_TRANSPORT_TCP: case DNS_TRANSPORT_TCP:
isc_nm_tcpdnsconnect(xfr->netmgr, &xfr->sourceaddr, isc_nm_streamdnsconnect(xfr->netmgr, &xfr->sourceaddr,
&xfr->primaryaddr, xfrin_connect_done, &xfr->primaryaddr, xfrin_connect_done,
connect_xfr, 30000); connect_xfr, 30000, NULL, NULL);
break; break;
case DNS_TRANSPORT_TLS: { case DNS_TRANSPORT_TLS: {
result = dns_transport_get_tlsctx( result = dns_transport_get_tlsctx(


@@ -719,13 +719,13 @@ cfg_acl_fromconfig2(const cfg_obj_t *acl_data, const cfg_obj_t *cctx,
} else if (strcasecmp(cfg_obj_asstring(obj_transport), } else if (strcasecmp(cfg_obj_asstring(obj_transport),
"tcp") == 0) "tcp") == 0)
{ {
transports = isc_nm_tcpdnssocket; transports = isc_nm_streamdnssocket;
encrypted = false; encrypted = false;
} else if (strcasecmp(cfg_obj_asstring(obj_transport), } else if (strcasecmp(cfg_obj_asstring(obj_transport),
"udp-tcp") == 0) "udp-tcp") == 0)
{ {
/* Good ol' DNS over port 53 */ /* Good ol' DNS over port 53 */
transports = isc_nm_tcpdnssocket | transports = isc_nm_streamdnssocket |
isc_nm_udpsocket; isc_nm_udpsocket;
encrypted = false; encrypted = false;
} else if (strcasecmp(cfg_obj_asstring(obj_transport), } else if (strcasecmp(cfg_obj_asstring(obj_transport),
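Review bot: The `tcp` and `udp-tcp` branches of cfg_acl_fromconfig2 now select `isc_nm_streamdnssocket`, and if TLS connections are also carried by Stream DNS sockets (the dispatch change in this commit passes a TLS context to isc_nm_streamdnsconnect), the socket type alone no longer tells plain TCP from DoT. The `encrypted = false` assignment then becomes the only thing keeping a `tcp` ACL element from matching an encrypted connection, and the code that compares these values is outside the hunk. A comment at the first assignment would record that dependency, for example `/* Stream DNS also carries TLS; 'encrypted' separates plain TCP from DoT */`. A system test asserting that a `tcp` transport element does not match a DoT client, and the reverse, would pin the access-control behaviour across this change.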


@@ -503,10 +503,10 @@ static isc_result_t
ns_interface_listentcp(ns_interface_t *ifp) { ns_interface_listentcp(ns_interface_t *ifp) {
isc_result_t result; isc_result_t result;
result = isc_nm_listentcpdns( result = isc_nm_listenstreamdns(
ifp->mgr->nm, ISC_NM_LISTEN_ALL, &ifp->addr, ns__client_request, ifp->mgr->nm, ISC_NM_LISTEN_ALL, &ifp->addr, ns__client_request,
ifp, ns__client_tcpconn, ifp, ifp->mgr->backlog, ifp, ns__client_tcpconn, ifp, ifp->mgr->backlog,
&ifp->mgr->sctx->tcpquota, &ifp->tcplistensocket); &ifp->mgr->sctx->tcpquota, NULL, &ifp->tcplistensocket);
if (result != ISC_R_SUCCESS) { if (result != ISC_R_SUCCESS) {
isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_ERROR, isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_ERROR,
"creating TCP socket: %s", "creating TCP socket: %s",