BIND - enable TLS SNI support for outgoing TLS connections

This commit ensures that BIND enables TLS SNI support for outgoing DoT
connections (when possible) in order to improve compatibility with
other DNS server software.
Artem Boldariev 2024-12-17 16:24:29 +02:00
parent e04fb30ee6
commit 740292d3ec


@ -2005,10 +2005,16 @@ tcp_dispatch_connect(dns_dispatch_t *disp, dns_dispentry_t *resp) {
"connecting from %s to %s, timeout %u", localbuf,
peerbuf, resp->timeout);
char *hostname = NULL;
if (resp->transport != NULL) {
hostname = dns_transport_get_remote_hostname(
resp->transport);
}
isc_nm_streamdnsconnect(disp->mgr->nm, &disp->local,
&disp->peer, tcp_connected, disp,
resp->timeout, tlsctx, NULL, sess_cache,
ISC_NM_PROXY_NONE, NULL);
resp->timeout, tlsctx, hostname,
sess_cache, ISC_NM_PROXY_NONE, NULL);
break;
case DNS_DISPATCHSTATE_CONNECTING:
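Review bot: The `hostname` pointer handed to `isc_nm_streamdnsconnect()` is borrowed from `resp->transport`, and nothing visible in this hunk shows whether the network manager copies it before the asynchronous connect completes. Nor does the hunk show whether an IP literal configured as the remote hostname is filtered out, which matters because RFC 6066 does not allow IP addresses in `server_name`. A short comment above the lookup would record the contract, for example `/* SNI name: borrowed from the transport, NULL disables SNI; must be a DNS name, not an IP literal. */`. Because the value is only read here, `const char *hostname = NULL;` would be the safer declaration if the getter and connect signatures permit it. The enclosing switch case in `tcp_dispatch_connect()` starts outside the hunk, so the scope of the new declaration cannot be checked from here.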