Frank Denis
8a7569555c
Don't warn if lbStrategy is empty
2018-02-05 01:53:23 +01:00
Frank Denis
a43352e160
Make the load-balancing strategy configurable
2018-02-04 21:23:39 +01:00
Frank Denis
88434fc39f
Prepare support for multiple load balancing strategies
2018-02-04 21:13:54 +01:00
Frank Denis
f319088506
restrict. is too restrictive
2018-02-04 15:20:17 +01:00
Frank Denis
6f546b4c21
Use Cache-Control
2018-02-04 13:48:51 +01:00
Frank Denis
ed60976dd2
Infer TTL from Date: and Expire: headers
...
Unfortunately, Google DNS sets Expire: to the same value as Date:
So we may want to use Cache-Control instead.
2018-02-04 13:35:40 +01:00
Frank Denis
458da8fa77
DoH: use 0 as a transaction ID
...
Reject short TCP queries early by the way
2018-02-04 12:57:54 +01:00
Frank Denis
2eed62f1e2
Add a setMaxTTL() function
...
Will be useful to interprete HTTP cache headers in DoH
2018-02-04 12:39:33 +01:00
Frank Denis
a4b70fa56d
Last released candidate, so people can test cloaking
2018-02-04 12:00:24 +01:00
Frank Denis
9d69811de9
Add limits to HTTP requests
2018-02-04 11:33:04 +01:00
Frank Denis
9ee7e522b1
Proper stamps length check
2018-02-04 11:04:29 +01:00
Frank Denis
cfeb25a4c2
cloak: decrement TTL
2018-02-04 09:36:57 +01:00
Frank Denis
d005a76dc4
Add some comments
2018-02-04 02:29:09 +01:00
Frank Denis
18167c0f47
If we already performed a resolution before, even partial, don't retry
...
(at least until the TTL expires)
So, if www.google.com is cloaked, and forcesafesearch returns a A
record but no AAAA, return the cloaked A record for A queries, but
don't return the actual AAAA record for AAAA queries: return a
synthetic empty response instead.
2018-02-04 02:22:38 +01:00
Frank Denis
5c18c51116
We need to manage the TTL properly, but in the meantime, reduce log verbosity
2018-02-04 02:12:45 +01:00
Frank Denis
1e066e69b3
Import a cloaking example file
2018-02-04 01:57:18 +01:00
Frank Denis
033931a13a
Add a new powerful plugin: DNS cloaking
2018-02-04 01:43:37 +01:00
Frank Denis
e62dd27593
Use https for the remote source example
...
This can be changed back to http on platforms that don't have a clock
2018-02-03 22:01:09 +01:00
Frank Denis
93810e60d7
Set the default source refresh delay to 3 days
2018-02-03 18:55:46 +01:00
Frank Denis
588d8dabde
rc2
2018-02-03 12:53:43 +01:00
Frank Denis
f513ab21fa
Check if the config file exists from the current directory
...
Try the executable directory if it fails
Then, go to that config file directory no matter what
Fixes #80
2018-02-03 10:46:47 +01:00
Frank Denis
67b0d95ea1
Reduce log verbosity when ignore_system_dns = true
...
Fixes #81
2018-02-03 10:25:41 +01:00
Frank Denis
dc070d56a4
Add nofilter to Google
2018-02-02 15:08:33 +01:00
Frank Denis
c5283061cf
Properly remove the default port
2018-02-02 15:07:12 +01:00
Frank Denis
e4e351b854
Clear ServerName for -list-all
...
Suggested by @glitsj16, thanks!
Fixes #71
2018-02-02 14:51:14 +01:00
Frank Denis
bf56644a49
Add a -list-all switch; add IPv6 & port number info to the JSON output
2018-02-01 21:48:46 +01:00
Frank Denis
fe2bb3847b
Update Travis for the new example file names
2018-02-01 19:01:02 +01:00
Frank Denis
c2fb372112
Rename example files
2018-02-01 18:28:53 +01:00
Frank Denis
13952ffb1a
Do not consider the absence a listening sockets an error
...
Because systemd.
Fixes #64
2018-02-01 16:59:48 +01:00
Frank Denis
ac22f8a046
typo
2018-02-01 12:37:13 +01:00
Frank Denis
6efd904b9f
2.0.0 release candidate
2018-02-01 10:26:14 +01:00
Frank Denis
db7ff80800
Nits
2018-02-01 10:25:16 +01:00
Frank Denis
107fc35d2a
Support time access restrictions in substrings & glob patterns
...
Improve example
2018-02-01 09:47:37 +01:00
Frank Denis
1a34224c91
Rename time_ranges to schedules
2018-02-01 09:18:56 +01:00
Frank Denis
cb0e2a1759
Indent sections in the example config file
...
It should make it more obvious that properties are tied to a section.
Fixes #62
2018-02-01 09:00:28 +01:00
Frank Denis
9b4eb54c0b
Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
...
* 'master' of github.com:jedisct1/dnscrypt-proxy:
Move the time check function down, make it more readable
time-based access control: done, for prefixes & suffixes rules
2018-02-01 08:51:54 +01:00
Frank Denis
b88cfa0716
Typo, and use single quotes everywhere
...
Fixes #61
2018-02-01 08:51:29 +01:00
Frank Denis
aa34dae308
Move the time check function down, make it more readable
2018-02-01 01:05:23 +01:00
Frank Denis
61592776e2
time-based access control: done, for prefixes & suffixes rules
2018-02-01 01:00:48 +01:00
Frank Denis
41a73ccb03
Time access restrictions [WIP]
...
Because my daughter spends way too much time on Youtube
Because people have been asking OpenDNS to implement this for the past 10 years
Because existing tools suck
Because I want something flexible, where every rule can be assigned a schedule
2018-01-31 23:08:38 +01:00
Frank Denis
ba2293149e
phew
2018-01-31 22:49:40 +01:00
Frank Denis
d575ec8beb
bleh
2018-01-31 22:18:11 +01:00
Frank Denis
fe8ff9dcbb
Spaces
2018-01-31 20:07:52 +01:00
Frank Denis
7a8deebaf1
DoH: implement support for multiples cert hashes
2018-01-31 18:16:54 +01:00
Frank Denis
22e63774a1
Fix cert expiration warnings
...
Spotted by @CommanderRoot -- thanks!
2018-01-31 17:11:08 +01:00
Frank Denis
e91ce9eb3d
Nits
2018-01-31 15:08:58 +01:00
Frank Denis
d7ec318945
Accept sources without an URL; use v2 format by default for remote sources
2018-01-31 14:24:21 +01:00
Frank Denis
2d291ecad6
Add some comments
2018-01-31 12:17:14 +01:00
Frank Denis
148d900a72
Legacy format: store server descriptions
2018-01-31 09:45:10 +01:00
Frank Denis
f8a6e56026
-list -json now prints the list of available servers as JSON
...
Can be useful for GUIs, especially since this includes the description
2018-01-31 09:42:56 +01:00
Frank Denis
d42ab83184
ServerConfig -> StaticConfig to match the config file
2018-01-31 08:43:49 +01:00
Frank Denis
cdb8faba75
Nits
2018-01-31 08:40:20 +01:00
Frank Denis
f6571af24f
Nits
2018-01-31 08:38:22 +01:00
Frank Denis
5e8925523f
Split ConfigLoad a bit more
2018-01-31 08:32:44 +01:00
Frank Denis
16fc6b74e9
Split ConfigLoad()
2018-01-31 08:27:59 +01:00
Frank Denis
bbfcb0c5bd
nits
2018-01-31 00:37:56 +01:00
Frank Denis
c3414329b3
Warn about certificates that are about to expire
2018-01-31 00:33:00 +01:00
Frank Denis
86adb438e0
Set cert refresh delay default to 240 (4h)
2018-01-31 00:21:25 +01:00
Frank Denis
0cc76b8a77
Lower the log level for already registered servers
2018-01-31 00:19:53 +01:00
Frank Denis
a364e51d9e
Increase the cert refresh delay; make D1n0Bot happy
...
Decrease this for more reliability.
2018-01-30 23:53:33 +01:00
Frank Denis
76e5a99a5c
Move "refreshing certificates" to debug, display RTT even for 1 server
2018-01-30 23:50:42 +01:00
Frank Denis
8f72a82b13
Don't forget to prepend prefixes to names in v2 lists
2018-01-30 19:47:29 +01:00
Frank Denis
788e97cf86
Clarify
2018-01-30 19:47:26 +01:00
Frank Denis
a7d75c7923
Implement the nofilter filter
2018-01-30 19:16:38 +01:00
Frank Denis
3448b5b170
Add a -list option to display the list of available resolvers
2018-01-30 17:51:47 +01:00
Frank Denis
330d265dc2
CRLF
2018-01-30 17:43:15 +01:00
Frank Denis
e9b3a0e0b0
Space
2018-01-30 17:40:38 +01:00
Frank Denis
1d35e249c9
Add an option to always ignore the system resolver
...
This makes startup faster when DoH resolvers without a static IP
are used (Google).
2018-01-30 17:37:35 +01:00
Frank Denis
931916097e
Remove daemonize, at least from the configuration file example
...
daemonize only works on Linux so far, and it might not be secure not reliable
2018-01-30 16:12:36 +01:00
Frank Denis
ce2a730ab7
Remove unneeded port numbers
2018-01-30 16:10:46 +01:00
Frank Denis
c39197f7b2
Prepare for beta12
2018-01-30 15:58:13 +01:00
Frank Denis
61bad01726
Import xtransport
2018-01-30 15:51:07 +01:00
Frank Denis
ecaf18f614
Use a fallback resolver if the local DNS configuration doesn't work
...
This should fix all chicken-and-egg issues
2018-01-30 15:47:39 +01:00
Frank Denis
24c21d5eb2
Start moving things to a custom transport
2018-01-30 13:29:47 +01:00
Frank Denis
c2494cfc40
Make file paths relative to the path of the configuration file
2018-01-29 23:57:20 +01:00
Frank Denis
b6e5f55870
Move the proxy struct to its own file
2018-01-29 23:47:04 +01:00
Frank Denis
479d9d14fd
Reduce verbosity
2018-01-29 04:03:59 +01:00
Frank Denis
cf12fb170a
Use a custom transport and a host->ip cache
...
maybe
Fixes #45
2018-01-29 03:58:39 +01:00
Frank Denis
7acc38663b
Add Yandex to show that explicit server_names override require_*
2018-01-27 19:46:50 +01:00
Frank Denis
7a5484d983
Include Google cert hash
2018-01-27 19:14:08 +01:00
Frank Denis
9eeb68f3a1
beta11
2018-01-27 18:18:28 +01:00
Frank Denis
a7fe2aacb8
Show how to use two servers
2018-01-27 18:16:55 +01:00
Frank Denis
3c2cf2a1dc
Validate DoH certificate hashes
2018-01-27 17:48:53 +01:00
Frank Denis
5e3e66ac71
Of course Google DNS supports DNSSEC
2018-01-27 17:05:39 +01:00
Frank Denis
d2f6c69a2c
More checks on the response
2018-01-27 16:59:45 +01:00
Frank Denis
7dde2f4a37
Request DNSSEC signature in the DoH probe
2018-01-27 16:53:57 +01:00
Frank Denis
be1e99ea32
DoH: send a dummy query before measuring the RTT to ignore the handshake
2018-01-27 16:48:22 +01:00
Frank Denis
50d0c0449f
Initial support for DNS-over-HTTP2 -- Yes, it works with Google.
2018-01-27 15:26:08 +01:00
Frank Denis
85f8aa1000
Fix stamp proto initialization
2018-01-26 22:59:16 +01:00
Frank Denis
e16155e22a
DoHstamps
2018-01-26 20:38:31 +01:00
Frank Denis
3bbecdcde7
up
2018-01-26 20:16:45 +01:00
Frank Denis
29f1b083a0
Rename a few things to prepare for DoH support
2018-01-26 02:25:38 +01:00
Frank Denis
375378c15b
Rename "servers" to "static" for clarity
2018-01-25 17:41:36 +01:00
Frank Denis
1164dd4d4d
Comment the additional list of servers in the example
2018-01-25 15:59:22 +01:00
Frank Denis
ff5bba1ba4
up
2018-01-25 15:55:27 +01:00
Frank Denis
803bc18027
Use a v2 list
2018-01-25 15:17:46 +01:00
Frank Denis
79193e6ee3
Add support for V2 source format -- Goodbye, CSV.
2018-01-25 15:02:18 +01:00
Frank Denis
78e8abeebc
Use http://
2018-01-25 14:34:55 +01:00
Frank Denis
054461e240
Reserve identifiers for traditional nonencrypted DNS and for DoH
2018-01-25 14:31:18 +01:00
Adrián Laviós Gomis
023c3e78ee
Fix systemd socket support
2018-01-25 10:24:28 +01:00
Frank Denis
996d9be4e3
Improve message if /proc/self/exe doesn't exist (?)
...
Fixes #26
2018-01-24 16:55:28 +01:00
Frank Denis
732c451dd4
Add max_clients to cap the maximum number of client queries
2018-01-24 16:51:26 +01:00
Frank Denis
1dbc765fd7
crlf
2018-01-24 15:23:03 +01:00
Frank Denis
94f9c14ad7
Only attempt to use systemd on linux
...
Remove plan9 builds
2018-01-24 15:14:48 +01:00
Frank Denis
0b52211fa3
Update dnsc:// leftovers
2018-01-24 14:48:48 +01:00
Frank Denis
c184ce1a03
systemd support
...
How does it work? I don't know. Does it work? I don't know.
Would I encourage its use? No.
2018-01-24 14:44:32 +01:00
Frank Denis
0ce20518db
Make the UDP and TCP listeners more generic
2018-01-24 14:22:56 +01:00
Frank Denis
1bcb791270
up
2018-01-24 14:13:29 +01:00
Frank Denis
abb659eed2
Nits
2018-01-23 15:51:57 +01:00
Frank Denis
3a3535dcbc
Still tolerate hex-encoded pks, but emit a warning
2018-01-23 15:42:22 +01:00
Frank Denis
ccbdd41f5d
Add support for shorter stamps with binary public keys
2018-01-23 15:23:11 +01:00
Frank Denis
2d7920af22
Prefer sdns:// which is less application-tainted
2018-01-22 12:00:42 +01:00
Frank Denis
d7b8217018
Only cache specific Rcodes
2018-01-22 11:19:57 +01:00
Frank Denis
973b53afdc
Simplify
2018-01-22 10:02:06 +01:00
Frank Denis
8324b29b42
Require stamps in static server definitions
...
Provider names, etc. are not future-proof. In particular, they are
incompatible with other protocols such as DoH.
2018-01-22 09:59:32 +01:00
Frank Denis
1d18a230c0
Consistent casing
2018-01-21 22:18:20 +01:00
Frank Denis
3dcedac390
beta8
2018-01-21 19:52:51 +01:00
Frank Denis
29fee1585f
abc.ex.com should be rejected if both ex.com and bc.ex.com are listed in a blacklist
...
With the following ruleset:
ex.com
bc.ex.com
"abc.ex.com" finds "bc.ex.com" as the longest suffix. However, since it's
not at a label boundary, it is not rejected.
However, there is a more general rule that should be considered, ex.com.
So we need to perform at least two lookups in that case.
2018-01-21 19:47:19 +01:00
Frank Denis
6ca2697128
Clear certIgnoreTimestamp if we found at live 1 live server
2018-01-21 18:14:37 +01:00
Frank Denis
8bcba92f97
Add an undocumented option to ignore cert timestamps
2018-01-21 18:10:38 +01:00
Frank Denis
05e07e8b69
Add a simple built-in DNS client for testing
2018-01-21 18:02:32 +01:00
Frank Denis
d9b5625226
IP blocking
2018-01-21 16:07:44 +01:00
Frank Denis
1c80e80a0d
Do not recommend block_ipv6
2018-01-21 00:54:20 +01:00
Frank Denis
f80c16ed2a
Slightly change the way we block ipv6
2018-01-20 22:30:36 +01:00
Frank Denis
f7b8b70322
Revert "AAAA filter: Reject instead of sending an empty response"
...
This reverts commit aceb8b30f7
.
2018-01-20 22:06:40 +01:00
Frank Denis
aceb8b30f7
AAAA filter: Reject instead of sending an empty response
...
Empty responses can cause issues with CNAME records
2018-01-20 20:37:02 +01:00
Frank Denis
4f0c36ac27
Don't log blocked suffixes in reverse
2018-01-20 17:25:16 +01:00
Frank Denis
a1461f3452
Remove unused variable
2018-01-20 17:14:21 +01:00
Frank Denis
5dd08fe56b
Fix swapped out arguments in substring check
...
*example.com* was matching ample.com, not xxxexample.comxxx
Fixes #14
2018-01-20 17:11:46 +01:00
Frank Denis
4f42dd01a4
nxlog
2018-01-20 17:03:48 +01:00
Frank Denis
1e0e01e8e1
NXLOG: a new output plugin to log suspicious queries
2018-01-20 16:59:40 +01:00
Frank Denis
47fdc45b2d
beta5
2018-01-20 14:15:20 +01:00
Frank Denis
ed50798049
Preliminary implementation of stamps
2018-01-20 14:13:11 +01:00
Frank Denis
88414e1448
Print stamps; require an env variable for debug level
2018-01-20 13:56:26 +01:00
Frank Denis
0fe21b2d57
Shortcut filters for the root zone
2018-01-20 13:30:19 +01:00
Frank Denis
066db6a080
Replace logged_qtypes with ignored_qtypes
2018-01-20 13:27:37 +01:00
Frank Denis
5080502381
" -> ' \because\people\still\use\backslahes\to\separate\path\components
2018-01-20 13:20:30 +01:00
Frank Denis
475d7edb2a
Fix suffix matching so that www.example is rejected if example is filtered
2018-01-20 13:18:54 +01:00
Frank Denis
b9e89d2278
megacheck
2018-01-20 01:00:19 +01:00
Frank Denis
187de17396
Don't prefetch more frequently than 1/min
2018-01-20 00:31:54 +01:00
Frank Denis
1c27d6c230
Improved error handling
2018-01-20 00:30:33 +01:00
Frank Denis
7fbb4c5428
Improve the prefetcher; run a dedicated goroutine
2018-01-19 23:43:45 +01:00
Frank Denis
2ab29a43d6
Reduce the noise
2018-01-19 22:37:05 +01:00
Frank Denis
6e1eaf7b90
More flexible logging; add support for the Windows event log
2018-01-19 20:06:04 +01:00
Frank Denis
4b4bf36633
Unreachable -> Timeout
2018-01-19 16:40:35 +01:00
Frank Denis
aac0078991
Choose if we want to use IPv6 and/or IPv4 servers
2018-01-19 16:38:43 +01:00
Frank Denis
3006a6f2b4
Print server names instead of provider names
2018-01-19 15:50:44 +01:00
Frank Denis
7103229609
Add a logged_qtypes feature to log only some query types
2018-01-19 12:57:47 +01:00
Frank Denis
414d366cb2
Print the root zone as a dot rather than an empty string
...
Fixes #7
2018-01-19 12:33:27 +01:00
Frank Denis
41d5de6e8d
Scheduling
2018-01-19 00:06:18 +01:00
Frank Denis
43e5689387
Schedule a prefetch if we got a set or its signature from a backup cache
...
This is not pretty, and has to be rewritten for the next beta
2018-01-18 23:54:53 +01:00
Frank Denis
008d2d9093
Increase refresh delay for server sets
2018-01-18 23:54:37 +01:00
Frank Denis
1b5e36432e
Remove cache files if we stored corrupted data
2018-01-18 23:33:30 +01:00
Frank Denis
f745eb578a
Check HTTP error codes
2018-01-18 23:31:14 +01:00
Frank Denis
a85d012a2b
Prefetch previously unreachable sources URLs after a server is reachable
...
Partial fix for #4
Pave the way for regular, background updates as well
2018-01-18 23:19:14 +01:00
Frank Denis
c4bd6eb9f0
Make the distinction between a usable cache and a hot cache
...
A hot cache is still fresh. A usable cache exists, and can act as a
backup solution is we can't fetch a list from a remote server.
2018-01-18 22:23:40 +01:00
Frank Denis
6c67739b56
bump
2018-01-18 22:23:37 +01:00
Frank Denis
35a65bc2fd
Use single quotes in the TOML file, mention that paths are relative
...
Fixes #5
2018-01-18 20:41:33 +01:00
Frank Denis
0fcbbfda1f
Add systemd readiness notification
2018-01-18 15:31:08 +01:00
Frank Denis
941a7b6f4f
Bring FS info level down to INFO, but store this information with the cert
2018-01-18 14:58:57 +01:00
Frank Denis
25664b9a99
Be more tolerant
2018-01-18 14:49:51 +01:00
Frank Denis
ed352cc28c
Reduce verbosity
2018-01-18 14:46:19 +01:00
Frank Denis
7e86477a7d
Make megacheck happier
2018-01-18 14:28:05 +01:00
Frank Denis
0a63975d48
Logs can now be sent to files or syslog in addition to stderr
2018-01-18 14:25:45 +01:00
Frank Denis
b0f6a04dc4
Reserve require_nofilter
2018-01-18 13:04:50 +01:00
Frank Denis
41a9bf5bf3
Add require_nolog and require_dnssec filters
2018-01-18 13:01:16 +01:00
Frank Denis
fd7838ee58
Add a -version command-line switch to print the version
...
Fixes #2
2018-01-18 12:22:25 +01:00
Frank Denis
0e03f684b2
Hotfix for OpenBSD and other OS whose init system is not supported yet
2018-01-18 02:08:08 +01:00
Frank Denis
8429df82fd
Perform an initial benchmark to use servers with the lowest latency
...
(initially according to the certificate rtt)
2018-01-17 22:12:34 +01:00
Frank Denis
9dcd37093d
Use all resolvers simultaneously, even the ones from remote sources.
...
Fireworks!
2018-01-17 21:41:36 +01:00
Frank Denis
df3a5f608d
Improve management of multiple servers, and unreachable-at-boot servers
2018-01-17 21:23:01 +01:00
Frank Denis
c46498c1d3
Nits
2018-01-17 17:25:43 +01:00
Frank Denis
1140e067ad
Retry more frequently if we don't have any useable certificates
...
This will ahve to be done at startup time as well.
2018-01-17 17:22:29 +01:00
Frank Denis
b9c43c8ef3
Add the ability to log blocked queries
2018-01-17 17:03:42 +01:00
Frank Denis
9f8bce28a4
Fix forwarding of subdomains
2018-01-17 16:16:22 +01:00
Frank Denis
f35357ef88
Simplify the forwarding syntax
2018-01-17 16:06:30 +01:00
Frank Denis
203cfafe35
Add a forwarding rules example
2018-01-17 12:34:05 +01:00
Frank Denis
adcdb94d99
Allow comments in the fowarding rules
2018-01-17 12:27:29 +01:00
Frank Denis
3fffbaa2a2
Support installation as a service
2018-01-17 11:28:43 +01:00
Frank Denis
3fe6dbd740
Preliminary support for running as a Windows service
2018-01-17 10:58:19 +01:00
Frank Denis
6ba5749c91
Freformat
2018-01-17 09:50:21 +01:00
Frank Denis
96dadc7aca
Forwarding plugin
2018-01-17 09:44:03 +01:00
Frank Denis
1b38364e48
Another example
2018-01-17 08:47:47 +01:00
Frank Denis
404fcea50b
Pattern matching in blacklists: done
2018-01-17 08:46:42 +01:00
Frank Denis
548d97989b
Comment
2018-01-17 02:42:01 +01:00
Frank Denis
170e2e816e
Implement blocking, fully compatible with rules from version 1
2018-01-17 02:40:47 +01:00
Frank Denis
0dcf2c9e06
Split plugins into individual files
2018-01-16 18:21:17 +01:00
Frank Denis
796186a078
Add support for LTSV query logging
2018-01-16 18:10:04 +01:00
Frank Denis
004fbef395
Fix source cache
2018-01-16 00:37:04 +01:00
Frank Denis
5685844f43
Implement query logging
2018-01-16 00:23:16 +01:00
Frank Denis
3ffad7be44
Add Init/Drop/Update methods to plugins
...
Eventually, we may want to provide a specific structure for plugin
initialization. Sending the whole Proxy structure doesn't scale well.
2018-01-15 23:07:41 +01:00
Frank Denis
b945e23101
Use time.Since()
2018-01-14 23:53:17 +01:00
Frank Denis
fee0a42dec
Plugins can now access the client IP. Useful for logging and ACLs.
2018-01-14 23:47:49 +01:00
Frank Denis
5e252372d5
Pass the client protocol around, don't infer it from clientAddr
2018-01-14 23:39:55 +01:00
Frank Denis
b2d297fb17
cd to the path of the executable file
2018-01-14 00:56:46 +01:00
Frank Denis
9640a38ff8
More explicit example name
2018-01-14 00:47:22 +01:00
Frank Denis
c3edfb0637
Don't print server public keys
2018-01-14 00:43:57 +01:00
Frank Denis
32b72f3eb3
up
2018-01-14 00:36:46 +01:00
Frank Denis
c90befd5a8
Fix getOne()
2018-01-14 00:34:28 +01:00
Frank Denis
9b6d527045
Better explain what cache_file should be set to
2018-01-14 00:24:05 +01:00
Frank Denis
4fef1a705c
Fix source cache
2018-01-14 00:20:22 +01:00
Frank Denis
5a65a3a084
Correct format
2018-01-14 00:17:46 +01:00
Frank Denis
01d424a942
Use net.ParseIP() to add missing port numbers
2018-01-14 00:15:01 +01:00
Frank Denis
1b7b6418f1
Restrict the set of resolvers used from a remote source
2018-01-14 00:10:20 +01:00
Frank Denis
13e30ade2b
Skip empty lines in the CSV file
2018-01-13 23:53:33 +01:00
Frank Denis
a361aa52f3
Preliminary support for remote sources
2018-01-13 23:52:44 +01:00
Frank Denis
e9faf4368c
Load the toml file from the current directory by default
2018-01-13 00:14:12 +01:00
Frank Denis
9a3cd91cd7
Use dlog for everything
2018-01-11 11:50:54 +01:00
Frank Denis
735213f45a
Use glog
2018-01-11 02:11:54 +01:00
Frank Denis
822ae27a46
Always use negative caching except on srvfail (and obviously on success)
2018-01-10 23:26:03 +01:00
Frank Denis
1527d6ed5e
Improve caching
2018-01-10 22:47:29 +01:00
Frank Denis
3dd473910b
Doc
2018-01-10 19:49:39 +01:00
Frank Denis
3fe60f64c4
So, daemonization only works on linux :/
2018-01-10 19:49:02 +01:00
Frank Denis
99c5273e3a
Add configuration cache size and other parameters
2018-01-10 19:32:56 +01:00
Frank Denis
b60c728067
If computeCacheKey ever returns an error, bubble it up
2018-01-10 19:23:24 +01:00
Frank Denis
132add7955
Use a LRU for the cache
2018-01-10 19:02:43 +01:00
Frank Denis
8e73bb4a2c
Working DNS cache
2018-01-10 18:53:09 +01:00
Frank Denis
77cdc1db78
Start implementing a basic cache
2018-01-10 18:32:05 +01:00
Frank Denis
f283105866
Implement the IPv6 block plugin
2018-01-10 17:23:20 +01:00
Frank Denis
fb16eadb24
Single entry for now
2018-01-10 16:43:11 +01:00
Frank Denis
fa22cc32d7
Basic load balancing/failover
...
Try to send queries to one of the two fastest servers
2018-01-10 16:42:14 +01:00
Frank Denis
9eeb799d6e
Many improvements
2018-01-10 16:01:29 +01:00
Frank Denis
32a8a3d3e2
Get the path to the config file from the command line
2018-01-10 13:40:50 +01:00
Frank Denis
6dfcb659d4
Handle daemonization
2018-01-10 13:33:06 +01:00
Frank Denis
b86e7f268e
Use more things from the config file
2018-01-10 12:09:59 +01:00
Frank Denis
2822a9781b
Add a config file
2018-01-10 12:02:09 +01:00
Frank Denis
20e3182692
Improve the plugins interface
2018-01-10 10:11:59 +01:00
Frank Denis
efd0477c2b
Implement an actual estimator for the response size
...
Scale back the minimum question size when relevant.
Did I mention that this is yet another thing that was never properly
implemented in dnscrypt-proxy 1.x?
2018-01-10 09:46:27 +01:00
Frank Denis
f4346691bc
Transform queries via an initial edns mangling plugin
...
Yet another thing that was utterly broken in dnscrypt-proxy v1.x
2018-01-10 09:04:03 +01:00
Frank Denis
705cf440b1
Skip queries without a question
2018-01-10 03:04:13 +01:00
Frank Denis
d8f8d561c8
Synthesize a truncated response if the response wouldn't fit the local MSS
2018-01-10 02:52:09 +01:00
Frank Denis
ab9006e74c
Be more tolerant with invalid/unsupported certificates
2018-01-10 00:38:37 +01:00
Frank Denis
3049f43bc7
Nits
2018-01-10 00:32:16 +01:00
Frank Denis
72a6963f2e
Cleanups
2018-01-10 00:31:12 +01:00
Frank Denis
35ec5bd044
We can now receive queries on UDP and forward them on TCP
...
Something that had never been possible with the old implementation
2018-01-09 20:10:06 +01:00
Frank Denis
1a59d93192
Support TCP connection to the backend
2018-01-09 19:47:24 +01:00
Frank Denis
888db6a8fb
The preferred protocol will be a global (for Tor users)
2018-01-09 18:42:24 +01:00
Frank Denis
ce5e0c8031
Try to retrieve the certificates using UDP before TCP
2018-01-09 18:37:37 +01:00
Frank Denis
841bf65d61
Reorganize
2018-01-09 18:32:14 +01:00