client updates: use a single TCP connection and multiplex over that #269

Merged
merged 11 commits into from
Oct 5, 2021

@hannesm hannesm commented Sep 16, 2021

No description provided.

hannesm and others added 11 commits September 15, 2021 22:32
If a user of this API wants to query a different nameserver, they can
create a fresh Dns_client.create state. It simplifies the code quite
a bit, especially for future refactorings.
…tion

This reduces the number of file descriptors used, and also reduces the
delay in longer-running applications (since the TCP handshake is not
needed for every DNS request).
dns-stub-mirage: use vanilla dns-client-mirage
Preparation for trying multiple nameservers in sequence until
one succeeds. This breaks the API of dns-client and also removes
the type ns_addr.

hannesm commented Oct 5, 2021

The CI failures are unrelated (AFAICT). This is already a good chunk in the right direction (with the goal being dns-over-tls resolution). Since all dependencies are released, I'll merge this and we can re-develop/continue on the main branch with dns-over-tls (and then cut a release).

@hannesm hannesm merged commit 95e53b4 into main Oct 5, 2021
@hannesm hannesm deleted the client-more branch October 5, 2021 10:52

hannesm commented Oct 5, 2021

Forgot to mention that this patch set was pair-programmed with @reynir, so we had two pairs of eyes looking at the code already.

hannesm added a commit to hannesm/opam-repository that referenced this pull request Oct 18, 2021
…mirage, dns-client, dns-cli and dns-certify (6.0.0)

CHANGES:

* use Cstruct.length instead of deprecated Cstruct.len
* avoid deprecated fmt functions

* BREAKING dns: Rr_map.get_ttl is now ttl, and takes 'a key -> 'a -> int32
  (instead of b -> int32), Rr_map.with_ttl now is 'a key -> 'a -> int32 -> 'a
  (instead of b -> int32 -> b) (mirage/ocaml-dns#264 @hannesm)
* BREAKING dns: Rr_map.A now uses Ipaddr.V4.Set.t, Aaaa uses Ipaddr.V6.Set.t
  (requires ipaddr 5.2.0) (mirage/ocaml-dns#268 @hannesm)

* BREAKING dns.cache: type entry now is polymorphic ('a entry = `Entry of 'a ...)
  (instead of `Entry of Rr_map.b) (mirage/ocaml-dns#263 @reynir and @hannesm)
* BREAKING dns.cache: use a LRU.F.t instead of LRU.M.t (mirage/ocaml-dns#256 @hannesm)
* dns.cache: provide get_or_cname and get_any function (mirage/ocaml-dns#256 mirage/ocaml-dns#257 @hannesm)
* BUGFIX dns.cache: update if time to live of cached entry expired
  (reported in mirage/ocaml-dns#259 by @dinosaure, fix by @reynir and @hannesm)

* dns-client support DNS-over-TLS (RFC 7858): the type io_addr is now a variant
  of `Plaintext (Ipaddr.t * int) or `Tls (Tls.Config.client * Ipaddr.t * int)
  By default, ca-certs (ca-certs-nss for MirageOS) are used as trust anchors,
  and the certificate is expected to contain the IP address of the resolver.
  The default resolver (anycast.uncensoreddns.org) certificate is verified by
  hostname, since the let's encrypt certificate does not include an IP address
  in SubjectAlternativeNames (mirage/ocaml-dns#270 @hannesm)
* BREAKING dns-client.mirage.Make is extended by a Mirage_clock.PCLOCK
  (mirage/ocaml-dns#270 @hannesm)
* BREAKING dns-client, dns-stub: use Dns.proto instead of custom [`TCP|`UDP]
  (mirage/ocaml-dns#266 @hannesm)
* dns-client: use a `mutable timeout_ns : int64` instead of
  `timeout_ns : int64 ref` (mirage/ocaml-dns#259 @hannesm)
* BREAKING dns-client: remove `?nameserver` from
  getaddrinfo/gethostbyname/gethostbyname6/get_resource_record - if a custom
  nameserver should be queried, a distinct Dns_client.t can be constructed
  (mirage/ocaml-dns#269 @reynir and @hannesm)
* dns-client: multiplex over TCP connections (mirage/ocaml-dns#269 @reynir and @hannesm)
* dns-client: use happy-eyeballs to connect to all nameservers from
  /etc/resolv.conf sequentially (lwt and mirage) (mirage/ocaml-dns#269 @reynir and @hannesm)
* BREAKING dns-client remove UDP support from lwt (mirage/ocaml-dns#270 @reynir and @hannesm)

* BREAKING dns-resolver remove "mode" from codebase, default to recursive
  (a stub resolver is available as dns-stub) (mirage/ocaml-dns#260 @hannesm)
* dns-resolver: use dns.cache instead of copy in Dns_resolver_cache
  (mirage/ocaml-dns#256 @hannesm)
* BUGFIX dns-resolver: fix responses to queries (reported in mirage/ocaml-dns#255 by @dinosaure,
  fix in mirage/ocaml-dns#258 by @reynir and @hannesm)
* dns-resolver: refactor and cleanup code, remove statistics, remove dead code
  (mirage/ocaml-dns#258 mirage/ocaml-dns#261 @reynir @hannesm)

* dns-stub: reconnect to resolver, resend all outstanding queries
  (mirage/ocaml-dns#259 @hannesm)
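
The multiplexing over a single TCP connection that this pull request introduces relies on two protocol details: each DNS message on TCP carries a 2-byte length prefix, and responses are matched to outstanding queries by transaction ID. The sketch below is an added example, not code from ocaml-dns; the `Demux` class, the fixed transaction IDs and the sample traffic are constructed for illustration.

```python
import struct

def frame(msg: bytes) -> bytes:
    """DNS over TCP: every message is preceded by a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg

def build_query(txid: int, name: str, qtype: int = 1) -> bytes:
    """Minimal query: 12-byte header (RD set, one question) + QNAME, QTYPE, IN."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

class Demux:
    """Client-side state for one shared TCP stream (hypothetical helper)."""
    def __init__(self):
        self.buf = b""       # bytes received that do not yet form a complete frame
        self.pending = {}    # transaction ID -> name still awaiting an answer
        self.answers = {}    # name -> raw response message
        self.dropped = []    # messages that matched no outstanding query

    def send(self, txid: int, name: str) -> bytes:
        if txid in self.pending:
            raise ValueError("transaction ID already in flight")
        self.pending[txid] = name
        return frame(build_query(txid, name))

    def feed(self, data: bytes) -> None:
        self.buf += data
        while len(self.buf) >= 2:
            (n,) = struct.unpack("!H", self.buf[:2])
            if len(self.buf) < 2 + n:
                break                      # partial frame, wait for more bytes
            msg, self.buf = self.buf[2:2 + n], self.buf[2 + n:]
            txid, flags = struct.unpack("!HH", msg[:4]) if n >= 12 else (None, 0)
            if not flags & 0x8000 or txid not in self.pending:
                self.dropped.append(msg)   # short, not a response, or unknown ID
                continue
            self.answers[self.pending.pop(txid)] = msg

def demo() -> Demux:
    """Constructed traffic: answers arrive reordered, fragmented, plus one stray."""
    d = Demux()
    q1, q2 = d.send(0x1A2B, "example.org"), d.send(0x3C4D, "example.net")
    reply = lambda q: frame(q[:2] + struct.pack("!H", 0x8180) + q[4:])  # set QR bit
    stream = reply(q2[2:]) + reply(build_query(0x9999, "example.com")) + reply(q1[2:])
    for i in range(0, len(stream), 7):     # deliver in 7-byte reads
        d.feed(stream[i:i + 7])
    return d
```

A production client would draw transaction IDs from a random source and also compare the question section of each response with the query it claims to answer before accepting it.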