Skip to content

Commit 64a4a39

Browse files
sgryphonsgryphon
committed
fix(dns): Enable LWIP DNS RFC6724 destination address selection to fix IPv6 TLS (espressif#166)
TLS / HTTPS uses the hostname (for certificate validation) to directly look up DNS. This change enables the RFC6724 destination address selection in LWIP DNS, to return IPv6 addresses from DNS when a public IPv6 source is available, or otherwise return IPv4. i.e. Destination address selection is dynamci depending on what addresses are available to send from. Without this, LWIP is hard coded to prefer IPv4, which means when an IPv6-only device tries to contact a dual-stack (or DNS64) server, it will get the IPv4 address (that can't be used). The config change fixes that.
1 parent 4ec4d25 commit 64a4a39

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

Diff for: configs/defconfig.common

+1
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,7 @@ CONFIG_SPIRAM_MALLOC_RESERVE_INTERNAL=0
8383
CONFIG_LWIP_IPV6_AUTOCONFIG=y
8484
CONFIG_LWIP_IPV6_DHCP6=y
8585
CONFIG_LWIP_IPV6_RDNSS_MAX_DNS_SERVERS=2
86+
CONFIG_LWIP_DNS_DYNAMIC_SORT=y
8687
CONFIG_ESP_RMAKER_SKIP_VERSION_CHECK=y
8788
CONFIG_ESP_RMAKER_USER_ID_CHECK=y
8889
CONFIG_ESP_INSIGHTS_ENABLED=y

0 commit comments

Comments
 (0)