[strongSwan] DNS support
Modster, Anthony
Anthony.Modster at Teledyne.com
Mon Sep 16 18:26:22 CEST 2019
Hello Tobias
? what are the possible fetcher plugins for CRLs and OCSP
-----Original Message-----
From: Tobias Brunner <tobias at strongswan.org>
Sent: Monday, September 16, 2019 1:33 AM
To: Modster, Anthony <Anthony.Modster at Teledyne.com>; users at lists.strongswan.org
Subject: Re: [strongSwan] DNS support
---External Email---
Hi Anthony,
> ? does strongswan support “HTTPS DNS”
>
> Will be using it for: OCSP, CRL and “VICI struct
> s_connection_parameters:remote_address”
strongSwan doesn't resolve hostnames itself but uses getaddrinfo(3). So it depends on how resolvers are configured on the local machine (and the abilities of the involved resolver(s)). And when using CRLs and OCSP it depends on the fetcher plugin and the external library it uses (e.g.
libcurl) how the respective hostnames are resolved (might also be getaddrinfo, though).
Regards,
Tobias
More information about the Users
mailing list