New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The resolver
device (conduit) uses an outdated DNS resolver by default
#1360
Comments
So, the easy solution it seems is to remove the hardcoded one from ocaml-conduit, and go with the default one in ocaml-dns (which uses uncensoreddns via TLS). But I've no clue who uses the resolver device (and conduit) -- and maybe another path is to just remove it from mirage? |
hannesm
added a commit
to hannesm/opam-repository
that referenced
this issue
Oct 25, 2022
… (4.3.1) CHANGES: #### Fixed - adapt to conduit 6.0.1 API (delay the parsing of the nameserver list) (mirage/mirage#1362 mirage/mirage#1369, @reynir @hannesm, fixes mirage/mirage#1360) - improve the generic_dns_client documentation (mirage/mirage#1365, @dinosaure) - upgrade to git 3.10.0 (mirage/mirage#1366, @dinosaure) #### Changed - mirage-runtime: use Logs.level_of_string / level_to_string, avoid manual construction of Cmdliner.Arg.conv types (use the Cmdliner.Arg.conv function instead) (mirage/mirage#1358, @hannesm) #### Added - functoria-runtime: provide argument_error exit code (mirage/mirage#1361, @hannesm) - add a http_server device using paf (mirage/mirage#1367, @dinosaure)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We probably should reset the default DNS resolver of the
resolver
device to be sure that if someone use it, he/she will not get a timeout error in anyway. This is article about why the clear DNS resolver was turned off: https://blog.uncensoreddns.org/blog/40-cleartext-dns-turned-off/. Thanks to @reynir who sent an email about that on the mailing list.The text was updated successfully, but these errors were encountered: