Subject: [c-ares] Draft support DNSSEC + DANE (#16) (fwd)

[c-ares] Draft support DNSSEC + DANE (#16) (fwd)

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 12 Jun 2014 16:24:13 +0200 (CEST)

FYI

-- 
  / daniel.haxx.se
---------- Forwarded message ----------
Date: Thu, 12 Jun 2014 16:20:34
From: Nikos Mavrogiannopoulos <notifications_at_github.com>
Reply-To: bagder/c-ares
     <reply+i-35587983-3ab6a348a157f1b134f8daf44a2d44ecc510ad1c-177011_at_reply.gith
     ub.com>
To: bagder/c-ares <c-ares_at_noreply.github.com>
Subject: [c-ares] Draft support DNSSEC + DANE (#16)
This series of patches adds support for DNSSEC + parsing of DANE structures. This is a draft pull request mostly intended for comments.
Open issues:
1. To add support for sending a query that will set the flags needed by dnssec I had to add ares_create_query2(). Maybe there can be a clever way to avoid introducing another create query function, but I couldn&#39;t think of any.
2. How to determine the servers to use when dnssec is requested. Currently it uses an extension of resolv.conf (the trusted-nameserver line), as proposed in:
https://www.sourceware.org/ml/libc-alpha/2014-06/msg00307.html
3. I&#39;m not so experienced with DNS and its terminology. A review by someone who is more familiar may help.
You can merge this Pull Request by running:
   git pull https://github.com/nmav/c-ares master
Or you can view, comment on it, or merge it online at:
   https://github.com/bagder/c-ares/pull/16
-- Commit Summary --
   * Added support for sending a DNSSEC query.
   * Added the flag ARES_FLAG_REQUIRE_DNSSEC
   * Added support for parsing TLSA RRs
   * When the ARES_FLAG_DNSSEC is specified, use the nameservers that are tagged as trusted.
-- File Changes --
     M Makefile.inc (2)
     M ares.h (22)
     M ares_create_query.c (11)
     M ares_data.c (17)
     M ares_data.h (2)
     M ares_dns.h (2)
     M ares_init.c (121)
     A ares_parse_tlsa_reply.3 (86)
     A ares_parse_tlsa_reply.c (186)
     M ares_process.c (10)
     M ares_query.c (5)
     M ares_strerror.c (3)
-- Patch Links --
https://github.com/bagder/c-ares/pull/16.patch
https://github.com/bagder/c-ares/pull/16.diff
---
Reply to this email directly or view it on GitHub:
https://github.com/bagder/c-ares/pull/16
Received on 2014-06-12