Date: Thu, 4 Jan 2018 14:55:54 +0200 From: Stefan Fröberg <stefan.froberg@...roprogram.com> To: Rich Felker <dalias@...c.org> Cc: musl@...ts.openwall.com Subject: Re: Feature request: TCP DNS support Hello Rich Rich Felker kirjoitti 04.01.2018 klo 03:31: > On Thu, Jan 04, 2018 at 02:05:06AM +0200, Stefan Fröberg wrote: >> Dear Sir >> >> I have managed to compile my own, statically linked, portable little >> browser that uses musl and QtWebKit. >> >> Initial tests looks good but when testing encrypted DNS-over-TLS (which >> needs TCP instead of UDP) with my system, >> I could get nowhere. >> So I guess musl does not yet support TCP DNS ? >> >> Could you please add support for passing TCP DNS requests too with musl ? >> >> It's all the rage now that Android has added support for it and the >> DNS-over-TLS >> standard starts to be finished, if not already finished. > The supported way to do this with musl is via a nameserver on > localhost responding to udp queries and performing whatever backend > queries you want it to do. This (having a ns on localhost) is > fundamentally necessary for meaningful DNSSEC support anyway, too. > > Even if musl did TCP itself, that wouldn't help you get DNS-over-TLS; > for that you would need a TLS stack in libc. And you really don't want > that. > > Rich Oh, but doesn't OpenSSL handle the encryption, aka TLS part ? What source files in musl now currently handle the namelookup ? Best regards Stefan Fröbreg
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.