Add some utilities to be able to provide a proper DNS device for MirageOS

[dinosaure]

This PR wants to provide a connect_device which can be used by a MirageOS device and expects raw arguments (due to the fact that it's not possible to extend converters in Mirage) and try to parse them. If these arguments are wrong, we just fails. The semantic of arguments is not yet clear but it's a draft. The idea is to have 3 arguments:

• --dns-authenticator which can add an authenticator to a specific IP address
• --dns-nameserver which can add a possible nameserver to our DNS object. If we found an authenticator associated to the given IP address, we use it and consider that the flow must use TLS. Otherwise, it's a plaintext communication
• --dns-protocol which defines which transmission protocol we want to use (default to udp)

With all of these arguments, the Dns_client_mirage.S, the new connect_device function and mirage/mirage#1292, we are able to provide a simple DNS device which can be re-used then by Happy_eyeballs. Related to mirage/mirage#1291.

[dinosaure]

I said on others PRs:

NOTE: by design, connect_device should not appear into the signature but only into the functor. I put it but if you are more confident to put it outside (as any devices in mirage), I can do it.

[dinosaure]

I updated the PR with what we did on ocaml-x509 (it deleted the direct dependency to hex and astring). Then, I decided to split authenticator argument by a comma such as: --dns-authenticator <ipaddr>,<authenticator>.

[dinosaure]

I force-pushed a new version according the new version of x509.0.16.0 and the new release of ipaddr.5.3.0 (which is not yet released but it will be soon). I integrated your comment @hannesm and provide a better way to unserialize nameservers given by the mirage tool. Tell me what you think about that.

[hannesm]

Tanks again for your work, I reviewed it and pushed two commits. The behavioural change is that udp is no more supported by nameserver_of_string -- since "let create" errors on `Udp, I don't think it is very useful to support udp in the nameserver_of_string. Also, "connect_device" has been renamed to "connect". The default authenticator is now Ca_certs_nss.authenticator.

WDYT?

[dinosaure]

I don't have strong opinion with what you did, it's perfect for me to, then, be able to propose a new device on the mirage side 👍 .

[hannesm]

(force-pushed after merge of #300 to allow CI to succeed)