From 35114dde7dd58c37c346b039860d4aa604ebb118 Mon Sep 17 00:00:00 2001
From: strawberry
Date: Mon, 29 Apr 2024 14:47:31 -0400
Subject: [PATCH] add query_over_tcp_only config option for hickory

Signed-off-by: strawberry
---
 conduwuit-example.toml | 6 ++++++
 src/config/mod.rs | 2 ++
 src/service/globals/resolver.rs | 4 ++++
 3 files changed, 12 insertions(+)

diff --git a/conduwuit-example.toml b/conduwuit-example.toml
index bcaa5b8f..03029dd5 100644
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@@ -514,6 +514,12 @@ allow_profile_lookup_federation_requests = true
 # The default is to query one nameserver and stop (false).
 #query_all_nameservers = true
+# Enables using *only* TCP for querying your specified nameservers instead of UDP.
+#
+# You very likely do *not* want this. hickory-resolver already falls back to TCP on UDP errors.
+# Defaults to false
+#query_over_tcp_only = false
+
 # DNS A/AAAA record lookup strategy
 #
 # Takes a number of one of the following options:
diff --git a/src/config/mod.rs b/src/config/mod.rs
index 5fb1eedc..315e1fb4 100644
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@@ -103,6 +103,8 @@ pub(crate) struct Config {
 pub(crate) dns_tcp_fallback: bool,
 #[serde(default = "true_fn")]
 pub(crate) query_all_nameservers: bool,
+ #[serde(default)]
+ pub(crate) query_over_tcp_only: bool,
 #[serde(default = "default_ip_lookup_strategy")]
 pub(crate) ip_lookup_strategy: u8,
diff --git a/src/service/globals/resolver.rs b/src/service/globals/resolver.rs
index 3d1acd5d..96ee7382 100644
--- a/src/service/globals/resolver.rs
+++ b/src/service/globals/resolver.rs
@@ -51,6 +51,10 @@ impl Resolver {
 for sys_conf in sys_conf.name_servers() {
 let mut ns = sys_conf.clone();
+ if config.query_over_tcp_only {
+ ns.protocol = hickory_resolver::config::Protocol::Tcp;
+ }
+
 ns.trust_negative_responses = !config.query_all_nameservers;
 conf.add_name_server(ns);
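Review bot: In src/config/mod.rs the new `query_over_tcp_only` field has no doc comment, and it sits two fields below `dns_tcp_fallback` with nothing saying how the two interact when both are set. A reader of `Config` has to open the resolver to learn that this flag rewrites the transport of every system nameserver entry. A line such as `/// Query the system nameservers over TCP only instead of UDP; defaults to false.` above the `#[serde(default)]` attribute, plus a sentence on its relation to `dns_tcp_fallback`, would cover it. The struct body starts and ends outside the hunk, so other fields may follow a different documentation convention.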
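Review bot: In src/service/globals/resolver.rs the added `ns.protocol = hickory_resolver::config::Protocol::Tcp;` overwrites whatever transport the entry already carried. An entry configured for an encrypted transport would therefore be silently downgraded to cleartext TCP when the flag is on. Restricting the rewrite to UDP entries avoids that: `if config.query_over_tcp_only && matches!(ns.protocol, hickory_resolver::config::Protocol::Udp) {`. If the system configuration already lists a TCP entry next to each UDP one (an assumption, the list contents are not visible here), the loop also adds the same TCP server twice, so skipping UDP entries in that case may be the cleaner fix. The enclosing function in `impl Resolver` starts and ends outside the hunk, so any later de-duplication cannot be seen from here.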