Currently, if queries to name servers over UDP result in either a
truncated response, or any kind of error, the query will be retried over
TCP. It should be possible to only use TCP for the case of oversized
messages, and avoid it in the common case. This change makes this the
default behavior and adds an option to ResolverOpts that can be enabled
to get the current behavior.
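The fallback rule described in the commit message above, as an added Rust example that is not code from the commit or from the resolver: it reads the header of a UDP response and retries over TCP only when the TC (truncation) bit is set, unless an opt-in flag restores retry on any error. The names `after_udp`, `UdpOutcome`, `Next`, `tcp_on_any_error` and `sample_header` are hypothetical, the sample headers are constructed, and treating a timeout, a short packet, a mismatched ID or a non-response as "an error" is an assumption.

```rust
// Added example; every name here is hypothetical, not the resolver's API.
#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Next { Accept, RetryTcp, Fail }

/// Result of one UDP attempt: raw response bytes, or a timeout/socket error.
pub enum UdpOutcome<'a> { Response(&'a [u8]), TransportError }

/// Decide the next step after a UDP query. `tcp_on_any_error` stands in for
/// the opt-in option that restores the old retry-on-any-error behaviour.
pub fn after_udp(query_id: u16, outcome: UdpOutcome<'_>, tcp_on_any_error: bool) -> Next {
    let on_error = if tcp_on_any_error { Next::RetryTcp } else { Next::Fail };
    let msg = match outcome {
        UdpOutcome::Response(m) => m,
        UdpOutcome::TransportError => return on_error,
    };
    // The DNS header is 12 bytes (RFC 1035, section 4.1.1).
    if msg.len() < 12 {
        return on_error;
    }
    let id = u16::from_be_bytes([msg[0], msg[1]]);
    let flags = u16::from_be_bytes([msg[2], msg[3]]);
    // Assumption: a mismatched ID or a packet without the QR bit is an error,
    // because it is not an answer to the query that was sent.
    if id != query_id || (flags & 0x8000) == 0 {
        return on_error;
    }
    // TC bit (0x0200): the answer did not fit in UDP, so TCP is required.
    if (flags & 0x0200) != 0 {
        return Next::RetryTcp;
    }
    Next::Accept
}

/// Constructed sample: a bare 12-byte header with the given ID and flags.
pub fn sample_header(id: u16, flags: u16) -> [u8; 12] {
    let mut h = [0u8; 12];
    h[..2].copy_from_slice(&id.to_be_bytes());
    h[2..4].copy_from_slice(&flags.to_be_bytes());
    h
}

fn main() {
    let truncated = sample_header(0x1234, 0x8200); // QR + TC
    let complete = sample_header(0x1234, 0x8000); // QR only
    for any_err in [false, true] {
        println!("tcp_on_any_error={}", any_err);
        println!("  truncated: {:?}", after_udp(0x1234, UdpOutcome::Response(&truncated), any_err));
        println!("  complete:  {:?}", after_udp(0x1234, UdpOutcome::Response(&complete), any_err));
        println!("  timeout:   {:?}", after_udp(0x1234, UdpOutcome::TransportError, any_err));
    }
}
```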
This is so we get a consistent requirement for the availability of the
`tls_config` field in the `NameServerConfig` struct.
Preserves two constraints that seem important:
* Crates are compiled without TLS by default, matching the default features
* Using cargo with --all-features works correctly
* logger: missing https crate
* https: use RuntimeProvider when making connections
- [X] use RuntimeProvider when making TCP connections
- [ ] use RuntimeProvider when making TLS upgrades
- [ ] migrate tests
* RuntimeProvider::Tcp: remove async read/write
The TCP needs to Connect, the async readwriter will be in the
transport of connect. Thus we don't need it to be a requirement
on the top trait of RuntimeProvider
* AsyncResolver: remove async from new()
Related to overriding RuntimeProvider for #1074
Solves #1056
* cleanup tests
* rebase master for 0.19.5
* fix windows tests
Co-authored-by: Benjamin Fry <benjaminfry@me.com>
1. Create a trait RuntimeProvider to abstract the resolver
implementation.
2. Make TokioAsyncResolver the default type.
3. Keep the TLS-related code unchanged, which may be abstracted at a
later point.
4. Update the other code and test cases wherever necessary.
* all tests updated for new background
* background in Resolver now supported, wip
* clean up client impls
* client passing all tests
* cleanup review comments, remove try_locks
* remove mutexes on NameServers in NameServerPool
* refactored ConnectionProvider
* remove pinutils dependency
* remove the now unused custom *LookupFutures
* remove unused types
* remove all deprecated interfaces from Client
* rename ClientFuture to AsyncClient
* all clippy warnings and SecureClient working
* cleanup clippy warnings
* Everything working with Background removed
* fix infinite loop
* Client refactored without background
* rebased onto tokio 0.2
* remove Clone and Option from background connects
* cleanup from review
* fix clippy warnings
* spawn in ConnectionProvider
* fix no-default-features test
* only expose testing functions during testing
* fix copyright typo
* revert lookup_ip interface change
* limit tokio features to least required set
* rename tokio-compat to tokio-runtime
* use async fns where possible on AsyncResolver
* fix lifetime issue
* update to tokio 0.2 release
* update to h2 0.2.0
* fix compilation errors
* server await JoinHandles from spawn
* fix integration tests using different Runtimes
* cleanup named test output
* fix openssl tests
* cleanup code from review
* refactor server_future for JoinHandle, also fix Udp deadlock
Currently the trust-dns-resolver uses a hardcoded rustls::ClientConfig
when built with the dns-over-rustls feature. This makes it impossible
to change the accepted root certificates and other properties of the
tls client.
This commit adds a new field to the NameServerConfig to optionally
pass a rustls::ClientConfig which gets used instead. The webpki-roots
store is used as the default fallback so existing implementations
should work as before.
A new type TlsClientConfig was added as a wrapper for
rustls::ClientConfig which doesn't implement the Debug, Eq & PartialEq
traits. This might become obsolete if rustls can provide the trait
implementations one day.
The custom rustls::ClientConfig can be set via a set_tls_client_config
method which is defined on trust-dns-resolver::NameServerConfigGroup
and trust-dns-resolver::ResolverConf.