e5d3226694
Provides an optional resolver mechanism for Firefox that allows running together with or instead of the native resolver. TRR offers resolving of host names using a dedicated DNS-over-HTTPS server (HTTPS is required, HTTP/2 is preferable). DNS-over-HTTPS (DOH) allows DNS resolves with enhanced privacy, secure transfers and improved performance. To keep the failure rate at a minimum, the TRR system manages a dynamic persistent blacklist for host names that can't be resolved with DOH but work with the native resolver. Blacklisted entries will not be retried over DOH for a couple of days. "localhost" and names in the ".local" TLD will not be resolved via DOH. TRR is preffed OFF by default and you need to set a URI for an available DOH server to be able to use it. Since the DOH URI itself contains a host name, it may have to use the native resolver for bootstrapping. (Optionally, the user can set the IP address of the DOH server in a pref to avoid the required initial native resolve.) When TRR starts up, it will first verify that it works by checking a "confirmation" domain name. This confirmation domain is a pref by default set to "example.com". TRR will also by default await the captive-portal detection to raise its green flag before getting activated. All prefs for TRR are under the "network.trr" hierarchy. The DNS-over-HTTPS spec: https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-03 MozReview-Commit-ID: GuuU6vjTjlm --HG-- extra : rebase_source : 53fcca757334090ac05fec540ef29d109d5ceed3
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* vim: set sw=4 ts=8 et tw=80 : */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsDNSService2_h__
#define nsDNSService2_h__
#include "nsPIDNSService.h"
#include "nsIIDNService.h"
#include "nsIMemoryReporter.h"
#include "nsIObserver.h"
#include "nsHostResolver.h"
#include "nsAutoPtr.h"
#include "nsString.h"
#include "nsTHashtable.h"
#include "nsHashKeys.h"
#include "mozilla/Mutex.h"
#include "mozilla/Attributes.h"
#include "TRRService.h"
// Forward declaration: nsAuthSSPI is named as a friend of nsDNSService below,
// which gives it access to the protected DeprecatedSyncResolve().
class nsAuthSSPI;

/**
 * DNS service class. Derives from nsPIDNSService, nsIObserver and
 * nsIMemoryReporter (the matching method declarations are expanded from the
 * NS_DECL_* macros) and owns the host resolver, the IDN service reference and
 * the TRR service reference.
 *
 * NOTE(review): this header only declares state. Which members are touched
 * off the main thread, and under which lock, has to be confirmed in the
 * implementation file before relying on it.
 */
class nsDNSService final : public nsPIDNSService,
                           public nsIObserver,
                           public nsIMemoryReporter
{
public:
    // Interface boilerplate; the ISUPPORTS macro is the thread-safe
    // (per its name) reference-counting variant.
    NS_DECL_THREADSAFE_ISUPPORTS
    NS_DECL_NSPIDNSSERVICE
    NS_DECL_NSIDNSSERVICE
    NS_DECL_NSIOBSERVER
    NS_DECL_NSIMEMORYREPORTER

    nsDNSService();

    // Singleton accessor returning an already-addrefed reference typed as the
    // public nsIDNSService interface.
    static already_AddRefed<nsIDNSService> GetXPCOMSingleton();

    // Size accounting helper taking the malloc-size callback; presumably
    // feeds the nsIMemoryReporter implementation -- confirm in the .cpp.
    size_t SizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const;

    // Const accessor for the offline state; definition is not in this header.
    bool GetOffline() const;

protected:
    // nsAuthSSPI is the only class granted access to non-public members.
    friend class nsAuthSSPI;

    // Resolve entry point reserved for friends/subclasses. The name marks it
    // as deprecated and synchronous.
    // NOTE(review): presumably blocks the calling thread until the lookup
    // completes -- confirm before adding any new caller.
    nsresult DeprecatedSyncResolve(const nsACString& aHostname,
                                   uint32_t flags,
                                   const mozilla::OriginAttributes& aOriginAttributes,
                                   nsIDNSRecord** result);

private:
    // Private destructor: code outside the class cannot delete an instance
    // directly.
    ~nsDNSService();

    // Singleton accessor returning the concrete nsDNSService type.
    static already_AddRefed<nsDNSService> GetSingleton();

    // NOTE(review): presumably picks the address family for a lookup of
    // `host` from `flags` and the IPv6-related members below -- confirm.
    uint16_t GetAFForLookup(const nsACString& host, uint32_t flags);

    // NOTE(review): presumably converts aInput to its ACE (ASCII-compatible)
    // form in aACE using aIDN, with aLocalDomain flagging a name matched in
    // mLocalDomains -- confirm against the implementation.
    nsresult PreprocessHostname(bool aLocalDomain,
                                const nsACString& aInput,
                                nsIIDNService* aIDN,
                                nsACString& aACE);

    // Same parameter list as DeprecatedSyncResolve(); presumably the shared
    // implementation behind it -- confirm.
    nsresult ResolveInternal(const nsACString& aHostname,
                             uint32_t flags,
                             const mozilla::OriginAttributes& aOriginAttributes,
                             nsIDNSRecord** result);

    RefPtr<nsHostResolver>  mResolver;
    nsCOMPtr<nsIIDNService> mIDN;

    // mLock guards access to mResolver and mIPv4OnlyDomains.
    // NOTE(review): the remaining members (mForceResolve, mLocalDomains,
    // mTrrService and the bool flags) are not named here; confirm how they
    // are synchronised before reading or writing them from another thread.
    mozilla::Mutex mLock;

    // Comma-separated list of domains for which only IPv4 DNS lookups are
    // performed. Lets the user disable IPv6 per domain to work around broken
    // DNS servers. See bug 68796.
    nsCString mIPv4OnlyDomains;

    // NOTE(review): presumably a host name that lookups are redirected to
    // while mForceResolveOn is set; if so it overrides normal resolution and
    // should only ever be populated from trusted configuration -- confirm.
    nsCString mForceResolve;

    // Behaviour flags. No in-class initializers are given, so every flag is
    // expected to be set by the constructor -- confirm in the .cpp.
    bool mDisableIPv6;
    bool mDisablePrefetch;
    // NOTE(review): presumably makes the service refuse ".onion" names so
    // they are never handed to a DNS resolver -- confirm.
    bool mBlockDotOnion;
    bool mFirstTime;
    bool mNotifyResolution;
    bool mOfflineLocalhost;
    bool mForceResolveOn;

    // Hash set keyed by C strings; presumably the domains treated as local
    // (see aLocalDomain in PreprocessHostname) -- confirm.
    nsTHashtable<nsCStringHashKey> mLocalDomains;

    // Reference to the TRR (DNS-over-HTTPS) resolver service.
    RefPtr<mozilla::net::TRRService> mTrrService;
};
#endif //nsDNSService2_h__