1 files changed, 56 insertions, 2 deletions

diff --git a/src/network/kernel/qdnslookup_p.h b/src/network/kernel/qdnslookup_p.h
index 03767fd831..1f32b4ee4f 100644
--- a/src/network/kernel/qdnslookup_p.h
+++ b/src/network/kernel/qdnslookup_p.h
@@ -25,6 +25,11 @@
 #include "QtNetwork/qdnslookup.h"
 #include "QtNetwork/qhostaddress.h"
 #include "private/qobject_p.h"
+#include "private/qurl_p.h"
+
+#if QT_CONFIG(ssl)
+#  include "qsslconfiguration.h"
+#endif
 
 QT_REQUIRE_CONFIG(dnslookup);
 
@@ -34,6 +39,7 @@ QT_BEGIN_NAMESPACE
 
 constexpr qsizetype MaxDomainNameLength = 255;
 constexpr quint16 DnsPort = 53;
+constexpr quint16 DnsOverTlsPort = 853;
 
 class QDnsLookupRunnable;
 QDebug operator<<(QDebug &, QDnsLookupRunnable *);
@@ -42,6 +48,7 @@ class QDnsLookupReply
 {
 public:
     QDnsLookup::Error error = QDnsLookup::NoError;
+    bool authenticData = false;
     QString errorString;
 
     QList<QDnsDomainNameRecord> canonicalNameRecords;
@@ -50,8 +57,13 @@ public:
     QList<QDnsDomainNameRecord> nameServerRecords;
     QList<QDnsDomainNameRecord> pointerRecords;
     QList<QDnsServiceRecord> serviceRecords;
+    QList<QDnsTlsAssociationRecord> tlsAssociationRecords;
     QList<QDnsTextRecord> textRecords;
 
+#if QT_CONFIG(ssl)
+    std::optional<QSslConfiguration> sslConfiguration;
+#endif
+
     // helper methods
     void setError(QDnsLookup::Error err, QString &&msg)
     {
@@ -119,6 +131,7 @@ private:
                 && nameServerRecords.isEmpty()
                 && pointerRecords.isEmpty()
                 && serviceRecords.isEmpty()
+                && tlsAssociationRecords.isEmpty()
                 && textRecords.isEmpty();
     }
 };
@@ -128,7 +141,8 @@ class QDnsLookupPrivate : public QObjectPrivate
 public:
     QDnsLookupPrivate()
         : type(QDnsLookup::A)
-        , port(DnsPort)
+        , port(0)
+        , protocol(QDnsLookup::Standard)
     { }
 
     void nameChanged()
@@ -161,11 +175,22 @@ public:
     Q_OBJECT_BINDABLE_PROPERTY(QDnsLookupPrivate, quint16,
                                port, &QDnsLookupPrivate::nameserverPortChanged);
 
+    void nameserverProtocolChanged()
+    {
+        emit q_func()->nameserverProtocolChanged(protocol);
+    }
+
+    Q_OBJECT_BINDABLE_PROPERTY(QDnsLookupPrivate, QDnsLookup::Protocol,
+                               protocol, &QDnsLookupPrivate::nameserverProtocolChanged);
 
     QDnsLookupReply reply;
     QDnsLookupRunnable *runnable = nullptr;
     bool isFinished = false;
 
+#if QT_CONFIG(ssl)
+    std::optional<QSslConfiguration> sslConfiguration;
+#endif
+
     Q_DECLARE_PUBLIC(QDnsLookup)
 };
 
@@ -174,18 +199,38 @@ class QDnsLookupRunnable : public QObject, public QRunnable
     Q_OBJECT
 
 public:
+#ifdef Q_OS_WIN
+    using EncodedLabel = QString;
+#else
+    using EncodedLabel = QByteArray;
+#endif
+    // minimum IPv6 MTU (1280) minus the IPv6 (40) and UDP headers (8)
+    static constexpr qsizetype ReplyBufferSize = 1280 - 40 - 8;
+    using ReplyBuffer = QVarLengthArray<unsigned char, ReplyBufferSize>;
+
     QDnsLookupRunnable(const QDnsLookupPrivate *d);
     void run() override;
+    bool sendDnsOverTls(QDnsLookupReply *reply, QSpan<unsigned char> query, ReplyBuffer &response);
 
 signals:
     void finished(const QDnsLookupReply &reply);
 
 private:
+    template <typename T> static QString decodeLabel(T encodedLabel)
+    {
+        return qt_ACE_do(encodedLabel.toString(), NormalizeAce, ForbidLeadingDot);
+    }
     void query(QDnsLookupReply *reply);
-    QByteArray requestName;
+
+    EncodedLabel requestName;
     QHostAddress nameserver;
     QDnsLookup::Type requestType;
     quint16 port;
+    QDnsLookup::Protocol protocol;
+
+#if QT_CONFIG(ssl)
+    std::optional<QSslConfiguration> sslConfiguration;
+#endif
     friend QDebug operator<<(QDebug &, QDnsLookupRunnable *);
 };
 
@@ -253,6 +298,15 @@ public:
     QList<QByteArray> values;
 };
 
+class QDnsTlsAssociationRecordPrivate : public QDnsRecordPrivate
+{
+public:
+    QDnsTlsAssociationRecord::CertificateUsage usage;
+    QDnsTlsAssociationRecord::Selector selector;
+    QDnsTlsAssociationRecord::MatchingType matchType;
+    QByteArray value;
+};
+
 QT_END_NAMESPACE
 
 #endif // QDNSLOOKUP_P_H