refactor finish()/checkout() layers in modules
Currently finish()
layer is confusing and hard to use because wire format for answer is already generated at point where finish()
is called. This does not allow modules to easily manipulate EDNS options in answer etc.
This is proposal for refactoring:
-
finish()
layer will be called before generating wire format, but all the results including AD bit etc. are already processed and present in respective structures - this will allow modules to manipulate EDNS (e.g. to implement NSID in a module) -
checkout()
- layer will be called after generating wire format and server selection so the module will know exactly what is going to be sent out, to what address and over what protocol - this will allow us to move TLS padding to a module