miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,111 Commits 7 Branches 89 Tags 57 MiB
Commit Graph

44 Commits

Author SHA1 Message Date
YX Hao ac5087315c Listen `0.0.0.0` only on IPv4 2024-02-27 19:04:09 +08:00
Frank Denis aff09648bb Add support for extended error codes 2023-08-11 14:59:10 +02:00
Frank Denis acc25fcefb Format with gofumpt 2023-02-11 14:27:12 +01:00
Frank Denis 38e87f9a7b Add a constant for the maximum number of attempts 2022-06-28 18:30:15 +02:00
lifenjoiner 0e2bb13254
Fix goroutines memory leak by unbuffered channel blocking (#2136) 
* Use buffered channel to avoid goroutine hanging on

A send on an unbuffered channel can proceed if a receiver is ready.

* Balance captivePortalHandler.cancelChannels for Stop
 2022-06-28 18:28:57 +02:00
Frank Denis df3fb0c9f8 Keep lines short 
$ golines -w -m 120 --shorten-comments .
 2022-03-23 17:48:48 +01:00
Frank Denis 3bae61dbe1 Properly round the TTL 2021-09-24 09:26:31 +02:00
Frank Denis a4684d3bf5 Round TTLs 2021-09-23 19:10:40 +02:00
Frank Denis 8b3b7d38ac Set ttl to reject_ttl for HINFO refused responses 
Also lower the example TTL
 2021-07-16 16:40:21 +02:00
Frank Denis 85e7dddc9b Move a few DNS things to dnsutils 2020-12-12 23:09:15 +01:00
Frank Denis 2dda74647d Don't add padding unless the query has padding 
Or else Firefox craps out
 2020-01-31 11:17:36 +01:00
Frank Denis f17ce1ae0d Use constant, but arbitrary long padding 2020-01-29 17:57:59 +01:00
Frank Denis c27d41faa0 Avoid unneeded DNS packet unpacking 2019-12-23 11:37:45 +01:00
Frank Denis adb6dac420 Strip EDNS0 options in responses 2019-12-22 18:02:33 +01:00
Frank Denis 5118ed21fd Use dumb padding even for GET queries 
Resolvers such as Cloudflare always add padding to DoH responses
Resolvers such as Google only do if the question had dumb padding
Resolvers such as Cisco blindly return a copy of the question's padding
Some resolvers don't return any padding no matter what's in the question
Finally, other resolvers return FORMERR

This is a mess. A bad design inherited from DoT, that didn't fix
anything from Unbound's original experiment.

Also, padding with zeros as recommended is a bad idea. When using
GET, escaping makes the actual padding size 3 times as big as needed.
 2019-12-22 17:34:16 +01:00
Frank Denis 1585ede954 Use EDNS0 padding when using DoH over POST 
This mechanism is horrible, slow (requires re-unpacking and re-packing
the query), should be done at transport layer and not at content layer, and
of course, it is incompatible with some resolvers.

However, in spite of https://go-review.googlesource.com/c/go/+/114316/2/src/net/http/transfer.go ,
we may still end up sending the header and the content in distinct packets.

So, use that horror for POST queries only. For GET, this is not needed.
 2019-12-22 15:31:02 +01:00
Frank Denis 4fd54a4919 Store the normalized qName in the plugin state 
We now enforce the fact that a query always include a question.
It holds true for all practical use cases of dnscrypt-proxy.

This avoids quite a lot of redundant code in plugins, and is faster.
 2019-12-17 10:11:41 +01:00
Frank Denis a7b7bdc11e Compress synthetic responses 2019-12-11 14:02:56 +01:00
Frank Denis 9553d7f8c5 Copy the DO bit from questions to synthetic responses 2019-12-11 13:56:25 +01:00
Frank Denis 1674bb1742 Force clear the AD bit unless the DO bit was also set 2019-12-11 09:41:16 +01:00
Frank Denis ee1c0fed93 Properly set DNS flags when creating empty responses 2019-12-11 09:00:29 +01:00
Alison Winters 97e4c44223 remove err return values that are never set 2019-11-01 17:13:14 +01:00
Markus Linnala 63520e494d fix: updateTTL guard against overflow 2019-10-18 20:24:11 +02:00
James Newell d3ab899f7b blocked_query_response takes the format 'a:<IPv4>,aaaa:<IPv6>' for IP responses 2019-07-17 12:12:28 +02:00
James Newell 87bbfbfc10 add new option: 'respond_with_ip' 2019-07-17 12:12:28 +02:00
Frank Denis 8899389d8b Store IP addresses, not references 2019-02-25 18:25:35 +01:00
Frank Denis a726a40dc5 Add refused_code_in_responses 
Fixes #737
 2019-02-23 00:58:25 +01:00
Frank Denis cc327fdc48 OPT records don't have any class 2018-06-26 15:46:31 +02:00
Frank Denis 97f604670c Don't update OPT records 
Fixes #527
 2018-06-26 08:24:13 +02:00
Frank Denis b1447160a0 Add cache_neg_min_ttl and cache_neg_max_ttl 2018-04-17 00:24:49 +02:00
Frank Denis 4ec5461b2f Mark servers as failing more aggressively 2018-02-22 14:20:59 +01:00
Frank Denis 32db89d2ee Strip extra newline 2018-02-09 22:40:56 +01:00
Frank Denis ebe41535ba Format 2018-02-09 22:40:29 +01:00
Amit 5dbfc39f7d Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 22:13:24 +02:00
Amit 65dfa8ecca Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 22:11:12 +02:00
Amit 2a6a1852f1 Cache Plugin: return non-fixed TTL for cached entries 2018-02-09 17:59:04 +02:00
Frank Denis 458da8fa77 DoH: use 0 as a transaction ID 
Reject short TCP queries early by the way
 2018-02-04 12:57:54 +01:00
Frank Denis 2eed62f1e2 Add a setMaxTTL() function 
Will be useful to interprete HTTP cache headers in DoH
 2018-02-04 12:39:33 +01:00
Frank Denis 414d366cb2 Print the root zone as a dot rather than an empty string 
Fixes #7
 2018-01-19 12:33:27 +01:00
Frank Denis 170e2e816e Implement blocking, fully compatible with rules from version 1 2018-01-17 02:40:47 +01:00
Frank Denis 822ae27a46 Always use negative caching except on srvfail (and obviously on success) 2018-01-10 23:26:03 +01:00
Frank Denis 77cdc1db78 Start implementing a basic cache 2018-01-10 18:32:05 +01:00
Frank Denis f283105866 Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00
Frank Denis d8f8d561c8 Synthesize a truncated response if the response wouldn't fit the local MSS 2018-01-10 02:52:09 +01:00