mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-02-04 08:13:38 +00:00
a1070bf319
This improves the user experience in many ways: - Help user understand if DNSSEC is being used on the current DNS server in case 'allow-fallback' is supported. - Nudges the user to explore enabling DNS-over-TLS and DNSSEC. - Help user understand how global vs. link specific configuration works. Help user understand if a global DNS is being used. - Show the list of fallback DNS servers being used (as this poses privacy concerns). Also helps with debugging in problematic situations: - Find out which DNS server is being used (and leading to problems) and show the cycling mechanism. Tests: - Enable/disable fallback DNS server in privacy app. See that fallback servers line is only shown when enabled. - Set various global values of DNS-over-TLS and DNSSEC and see the status changes. - Set various values of DNS-over-TLS in the network connection settings and see the changes in status. - Set DNSSEC to allow-fallback. Perform a query and see that the value of supported/unsupported changes. - Set DNS servers with special configuration file in /etc/systemd/resolved.conf.d/test.conf and restart systemd-resolved. See change in status page. Notice that if connection specific DNS server is set to an invalid server, global section has a current DNS server. - Set SNI domain name and port for the an IPv4 DNS and an IPv6 DNS. See that the display is as expected. - Raise an exception in get_status() and notice that an error alert is show properly. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewd-by: Veiko Aasa <veiko17@disroot.org>