diff options
author | defanor <defanor@uberspace.net> | 2020-11-13 14:40:11 +0300 |
---|---|---|
committer | defanor <defanor@uberspace.net> | 2020-11-13 14:40:11 +0300 |
commit | 3749774b44405f7cdafcd3bb13c7ecbcf34a2f26 (patch) | |
tree | a702921107ddb73126f31d63a9974daa9a35ef21 /src/rexmpp.h | |
parent | 257999ac7a08789cc421983493e43ecf5e169bab (diff) |
Switch from c-ares to libunbound
libunbound supports DNSSEC, which is needed for DANE TLSA: GnuTLS
verifies a certificate for the final host, but SRV and A/AAAA records
leading to it should be verified as well.
c-ares is still used to parse domain names in SRV records, but should
be replaced soon.
Diffstat (limited to 'src/rexmpp.h')
-rw-r--r-- | src/rexmpp.h | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/src/rexmpp.h b/src/rexmpp.h index 2dfbde8..78ec5a6 100644 --- a/src/rexmpp.h +++ b/src/rexmpp.h @@ -10,6 +10,7 @@ #define REXMPP_H #include <ares.h> +#include <unbound.h> #include <gnutls/gnutls.h> #include <gsasl.h> #include <libxml/tree.h> @@ -282,11 +283,11 @@ struct rexmpp time_t last_network_activity; /* DNS-related structures. */ - ares_channel resolver_channel; - struct ares_srv_reply *server_srv; - struct ares_srv_reply *server_srv_cur; - struct ares_srv_reply *server_srv_tls; - struct ares_srv_reply *server_srv_tls_cur; + struct ub_ctx *resolver_ctx; + struct ub_result *server_srv; + int server_srv_cur; + struct ub_result *server_srv_tls; + int server_srv_tls_cur; /* The XMPP server we are connecting to. */ const char *server_host; @@ -294,6 +295,9 @@ struct rexmpp /* The primary socket used for communication with the server. */ int server_socket; + /* Whether the address it's connected to was verified with + DNSSEC. */ + int server_socket_dns_secure; /* A structure used to establish a TCP connection. */ rexmpp_tcp_conn_t server_connection; |