Git repository

Patches are available here: https://portal.sinodun.com/stash/projects/TDNS/repos/dns-over-tls_patches/browse

STARTTLS is DNS is no longer described in any active draft, but is still available in these patches.

TFO patches

Various TFO patches are provided - please see the TFO patch repository.

LDNS:  ldns.1.6.17_dns-over-tls.patch

Since this patches use TLS v1.2 a recent version of OpenSSL is required.

Features

Installation

  1. apply patch
  2. run 'autoreconf --force'
  3. additionally specify the '--with-ssl' and --with-tls' flags when running 'configure'
  4. optionally specify the --enable-tcp-fastopen when running 'configure'
  5. make, make install

Unbound: unbound-1.5.1_t-dns.patch

Features

Installation

  1. apply patch
  2. run 'autoreconf --force'
  3. optionally specify the --enable-tcp-fastopen  and/or --enable-TObit flags and when running 'configure'
  4. make, make install

NSD: nsd-4.1.0_dns-over-tls.patch

Features

Installation

  1. apply patch
  2. run 'autoreconf --force'
  3. optionally specify the --enable-tcp-fastopen  and/or --enable-TObit flags and when running 'configure'
  4. make, make install

DNSPerf: add_tcp.patch

Features

patch.diff