After some thought, I realized that the fallback should be made by whoever is
using the client, as it will need to change the port (from 853 to 53). This
would also remove from the library the complexity of storing the recursive
nameservers that aren't working well with TLS (draft-ietf-dprive-dns-over-tls,
section 3.1).
Resolves #297
As tls.Conn is just a TCP connection after the handshake, we will modify the
TCP functions to work with an io.Reader/io.Writer parameter instead of a
net.TCPConn so we can reuse them.
See #297
When starting a TLS connection in some environments, we usually disable some
certificate checks to allow tests with self-signed certificates. To disable
these checks we need to change some TLS parameters when starting a connection,
and for that we need to inject these parameters in the API.
Now the Client will also have an attribute for the TLS configuration
parameters. For future refactorings, we could change the TLS attribute from bool
to a struct that would store the "Enable" flag and the configuration.
See #297
We should allow the client to send requests to a recursive DNS server using an
encrypted connection. This is proposed in the document
draft-ietf-dprive-dns-over-tls [1].
For now we didn't allow the API user to change the TLS configuration (using
defaults). We also need to add the intelligence to fall back to normal DNS when
the TLS connection fails (as described in the draft).
See #297
[1] http://tools.ietf.org/html/draft-ietf-dprive-dns-over-tls-02
The call to conn.File() causes Go to call dup() and then set the resulting FD
to be blocking. This sets the FD back to non-blocking, allowing Shutdown() to
work properly.
Fixes #279.
This fixes bugs in MB and CNAME.copy() (using sprintName for copying),
IPSECKEY (missed copyIP) and OPT (partially, Options was not copied as
slice; EDNS0 objects themselves are still pointers).
This process probably fixes a bug in NSAPPTR.len(), after a similar one was
found in HINFO.len().
This should also make it easier to make changes to these functions, and
check their correctness.
Generate the code by running "go generate".
The current code sets the read deadline at the same time as the write
deadline. If the write nearly times out but doesn't, the read timeout
can fire before the read happens within the specified deadline.