When starting a TLS connection in some environments, we usually disabled some
certificates checks to allow tests with self-signed certificates. To disable
this checks we need to change some TLS parameters when starting a connection,
and for that we need to inject this parameters in the API.
Now the Client will also have an attribute for the TLS configuration
parameters. For future refactories, we could change the TLS attribute from bool
to a struct that would store the "Enable" flag and the configuration.
See #297
We should allow the client to send requests to a recursive DNS server using a
encrypted connection. This is proposed on the document
draft-ietf-dprive-dns-over-tls [1].
For now we didn't allow the API user to change the TLS configuration (using
defaults). We also need to add the intelligence to fallback to normal DNS when
the TLS connection fails (as described in the draft).
See #297
[1] http://tools.ietf.org/html/draft-ietf-dprive-dns-over-tls-02
The current code sets the read deadline at the same time as the write
deadline. If the write nearly times out but doesn't, the read timeout
can fire before the read happens within the specified deadline.
Make Client's exchange function easier to read by moving timeout logic
into separate functions.
Start the timers closer to where they're used so that time from other
logic doesn't impact the deadlines.
Reduce some code duplication by making Exchange() use Client.Exchange().
When performing an Exchange if the query ID does not match the answer ID
return an error. Also add a test for this condition.
In client.Exchange we *did* check for this size, to the same in the
function Exchange(). This bug surfaced in issue #184, this sort of
fixes it.
Closes#184.
The interface conversion from socket.Conn to net.UDPConn fails, but
since you can use a generic Read(b) in place of ReadFromUDP(b) it makes
sense to git rid of the conversion to net.UDPConn. This change allows
the use of the client library for UDP DNS lookup using the
appengine/socket package's Conn.
For the same reasons the interface conversions for TCP connections were
also removed.
