[strongSwan] DNS support
Tobias Brunner
tobias at strongswan.org
Mon Sep 16 10:32:38 CEST 2019
Hi Anthony,
> ? does strongswan support “HTTPS DNS”
>
> Will be using it for: OCSP, CRL and “VICI struct
> s_connection_parameters:remote_address”
strongSwan doesn't resolve hostnames itself but uses getaddrinfo(3). So
it depends on how resolvers are configured on the local machine (and the
abilities of the involved resolver(s)). And when using CRLs and OCSP it
depends on the fetcher plugin and the external library it uses (e.g.
libcurl) how the respective hostnames are resolved (might also be
getaddrinfo, though).
Regards,
Tobias
More information about the Users
mailing list