From 42a18a4a91ff734d2ae9a82866e6cb5bfabff210 Mon Sep 17 00:00:00 2001
From: devgianlu <altomanigianluca@gmail.com>
Date: Tue, 18 Feb 2025 13:04:58 +0100
Subject: [PATCH] RequestServer: Use default certificate for DNS over TLS

---
 Services/RequestServer/ConnectionFromClient.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Services/RequestServer/ConnectionFromClient.cpp b/Services/RequestServer/ConnectionFromClient.cpp
index 2c38d14d1b2..af93ebb835f 100644
--- a/Services/RequestServer/ConnectionFromClient.cpp
+++ b/Services/RequestServer/ConnectionFromClient.cpp
@@ -51,8 +51,12 @@ static NonnullRefPtr<Resolver> default_resolver()
         }
 
         if (g_dns_info.use_dns_over_tls) {
+            TLS::Options options;
+            if (!g_default_certificate_path.is_empty())
+                options.set_root_certificates_path(g_default_certificate_path);
+
             return DNS::Resolver::SocketResult {
-                MaybeOwned<Core::Socket>(TRY(TLS::TLSv12::connect(*g_dns_info.server_address, *g_dns_info.server_hostname))),
+                MaybeOwned<Core::Socket>(TRY(TLS::TLSv12::connect(*g_dns_info.server_address, *g_dns_info.server_hostname, move(options)))),
                 DNS::Resolver::ConnectionMode::TCP,
             };
         }