How can I change the dns setting of the system resolver on iOS?

How can you change the behaviour of the system resolver on iOS?

need help eskimo..!

Up vote post of kyjkr Down vote post of kyjkr
116 views
Posted by
kyjkr
Reply
Add a Comment

Replies

Thanks for bouncing over to DevForums.

My understanding is that you don’t want to change the resolver settings on a system-wide basis. Rather, you’re trying to convince SwiftNIO code running within your process to use a different resolver. That difference is important, because the two tasks require completely different approaches.

My general recommendation is that you use SwiftNIO Transport Services to configure SwiftNIO to use Network framework. Once you do that, you can apply a custom privacy context to the NWParameters you use to create your connections. The privacy context then lets you set a custom secure DNS configuration.

For more on this, see:

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thank you for reply.

I make the NWParameters() like this.

      let parameters = NWParameters()
        
        let privacyContext = NWParameters.PrivacyContext(description: "test")
        
        privacyContext.requireEncryptedNameResolution(true, fallbackResolver: .tls(NWEndpoint.hostPort(host: NWEndpoint.Host(host), port: NWEndpoint.Port(rawValue: UInt16(port))!), serverAddresses: []))
        
        parameters.setPrivacyContext(privacyContext)

and init bootstrap like this

        let bootstrap = NIOTSConnectionBootstrap(group: context.eventLoop)
            .channelInitializer { channel in
                channel.pipeline.addHandler(MyClientHandler())
            }
            .connect(host: String(host), port: port)

But, I am not sure where to apply the parameters and whether I am doing it correctly. If possible, can you show me some example code?

Posted by
kyjkr
Up vote reply of kyjkr Down vote reply of kyjkr
Add a Comment

If you were using Network framework directly, you’d then create a connection from those parameters. For example:

let tcp = NWParameters.tcp
tcp.setPrivacyContext(context)
let connection = NWConnection(to: .hostPort(host: "example.com", port: 80), using: tcp)
connection.stateUpdateHandler = { newState in
    print("connection did change state, new: \(newState)")
}
connection.start(queue: .main)

As a first step I recommend that you do this, to get a feel for how NWConnection works. Don’t try to integrate it into your real project; just create a tiny command-line tool test project and confirm that the privacy context is doing what you expect.

The next step is to dig through the layers of abstraction provided by SwiftNIO to work out how to create the NWConnection with the parameters you want. I don’t have code to share for that — DTS doesn’t support open source libraries, and that includes SwiftNIO — but:

  • Searching for NWConnection code that looks something like the above should get you to the right place.

  • If you get stuck, you can bounce back to Swift Forums and Cory will almost certainly be able to help you out.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment