Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-21 09:15:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
942f3300c9
gecko-dev/netwerk/dns/nsDNSService2.h
Daniel Stenberg e5d3226694 bug 1434852 - introducing TRR (DOH); r=mcmanus,valentin 
Provides an optional resolver mechanism for Firefox that allows running
together with or instead of the native resolver.

TRR offers resolving of host names using a dedicated DNS-over-HTTPS server
(HTTPS is required, HTTP/2 is preferable).

DNS-over-HTTPS (DOH) allows DNS resolves with enhanced privacy, secure
transfers and improved performance.

To keep the failure rate at a minimum, the TRR system manages a dynamic
persistent blacklist for host names that can't be resolved with DOH but works
with the native resolver. Blacklisted entries will not be retried over DOH for
a couple of days. "localhost" and names in the ".local" TLD will not be
resolved via DOH.

TRR is preffed OFF by default and you need to set a URI for an available DOH
server to be able to use it. Since the URI for DOH is set with a name itself,
it may have to use the native resolver for bootstrapping. (Optionally, the
user can set the IP address of the DOH server in a pref to avoid the required
initial native resolve.)

When TRR starts up, it will first verify that it works by checking a
"confirmation" domain name. This confirmation domain is a pref by default set
to "example.com". TRR will also by default await the captive-portal detection
to raise its green flag before getting activated.

All prefs for TRR are under the "network.trr" hierarchy.

The DNS-over-HTTPS spec: https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-03

MozReview-Commit-ID: GuuU6vjTjlm

--HG--
extra : rebase_source : 53fcca757334090ac05fec540ef29d109d5ceed3
2018-02-01 10:20:49 +01:00

91 lines
3.2 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* vim: set sw=4 ts=8 et tw=80 : */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsDNSService2_h__
#define nsDNSService2_h__
#include "nsPIDNSService.h"
#include "nsIIDNService.h"
#include "nsIMemoryReporter.h"
#include "nsIObserver.h"
#include "nsHostResolver.h"
#include "nsAutoPtr.h"
#include "nsString.h"
#include "nsTHashtable.h"
#include "nsHashKeys.h"
#include "mozilla/Mutex.h"
#include "mozilla/Attributes.h"
#include "TRRService.h"
class nsAuthSSPI;
class nsDNSService final : public nsPIDNSService
, public nsIObserver
, public nsIMemoryReporter
{
public:
NS_DECL_THREADSAFE_ISUPPORTS
NS_DECL_NSPIDNSSERVICE
NS_DECL_NSIDNSSERVICE
NS_DECL_NSIOBSERVER
NS_DECL_NSIMEMORYREPORTER
nsDNSService();
static already_AddRefed<nsIDNSService> GetXPCOMSingleton();
size_t SizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const;
bool GetOffline() const;
protected:
friend class nsAuthSSPI;
nsresult DeprecatedSyncResolve(const nsACString &aHostname,
uint32_t flags,
const mozilla::OriginAttributes &aOriginAttributes,
nsIDNSRecord **result);
private:
~nsDNSService();
static already_AddRefed<nsDNSService> GetSingleton();
uint16_t GetAFForLookup(const nsACString &host, uint32_t flags);
nsresult PreprocessHostname(bool aLocalDomain,
const nsACString &aInput,
nsIIDNService *aIDN,
nsACString &aACE);
nsresult ResolveInternal(const nsACString &aHostname,
uint32_t flags,
const mozilla::OriginAttributes &aOriginAttributes,
nsIDNSRecord **result);
RefPtr<nsHostResolver> mResolver;
nsCOMPtr<nsIIDNService> mIDN;
// mLock protects access to mResolver and mIPv4OnlyDomains
mozilla::Mutex mLock;
// mIPv4OnlyDomains is a comma-separated list of domains for which only
// IPv4 DNS lookups are performed. This allows the user to disable IPv6 on
// a per-domain basis and work around broken DNS servers. See bug 68796.
nsCString mIPv4OnlyDomains;
nsCString mForceResolve;
bool mDisableIPv6;
bool mDisablePrefetch;
bool mBlockDotOnion;
bool mFirstTime;
bool mNotifyResolution;
bool mOfflineLocalhost;
bool mForceResolveOn;
nsTHashtable<nsCStringHashKey> mLocalDomains;
RefPtr<mozilla::net::TRRService> mTrrService;
};
#endif //nsDNSService2_h__
Reference in New Issue View Git Blame Copy Permalink