lifenjoiner
55fc4c207b
Log to console when in command mode ( #2167 )
...
Quick results.
Avoid overwriting the log file in use, by the same config most of the time.
2022-08-03 14:52:08 +02:00
Ian Bashford
baee50f1dc
xtransport layer to netip and immediate dependencies ( #2159 )
2022-08-01 22:31:12 +02:00
Frank Denis
8523a92437
Update example to include http3 configuration
2022-07-24 16:16:21 +02:00
Frank Denis
442f2e15cb
Make HTTP/3 support configurable
2022-07-24 16:13:14 +02:00
Frank Denis
5977de660b
Add suport for DoH over HTTP/3
2022-07-21 18:50:10 +02:00
lifenjoiner
91388b148c
Optimize stopping CaptivePortalHandler - 2 ( #2155 )
...
1. Fix early return that triggers port rebinding error by 8e46f447
.
2. Reduce waiting time while there are multiple listen_addresses.
2022-07-19 12:35:52 +02:00
lifenjoiner
8e46f44799
Optimize stopping CaptivePortalHandler ( #2151 )
...
* Optimize stopping CaptivePortalHandler
* Still use unbuffered channel as we close it instead of sending a signal
2022-07-14 21:53:13 +02:00
Frank Denis
3d641b758a
Bump
2022-07-13 18:49:50 +02:00
lifenjoiner
568f54fabb
Reduce comparisons ( #2148 )
2022-07-08 14:11:51 +02:00
Frank Denis
38e87f9a7b
Add a constant for the maximum number of attempts
2022-06-28 18:30:15 +02:00
lifenjoiner
0e2bb13254
Fix goroutines memory leak by unbuffered channel blocking ( #2136 )
...
* Use buffered channel to avoid goroutine hanging on
A send on an unbuffered channel can proceed if a receiver is ready.
* Balance captivePortalHandler.cancelChannels for Stop
2022-06-28 18:28:57 +02:00
Frank Denis
59ce17e0ab
No need to warn if this is then going to be an error
2022-06-24 15:41:05 +02:00
Frank Denis
8c43118b03
Stop mentioning "SERVFAIL" in info messages
2022-06-19 20:38:49 +02:00
ignoramous
7177a0ec74
dns64: preserve cnames in translated response ( #2129 )
...
* dns64: preserve cnames in translated response
* dns64: rename synthAAAAs to synth64
2022-06-16 00:53:50 +02:00
lifenjoiner
72a602577a
Raise error for invalid relay ( #2128 )
...
* Raise error for invalid relay
* Keep error messages the same
* Distinguish this from validation failed
2022-06-15 13:16:06 +02:00
lifenjoiner
0a0b69d93d
RUnlock for early exit ( #2127 )
2022-06-14 14:25:52 +02:00
lifenjoiner
6916c047e1
Use registeredServers slice copy during ServerInfo refreshing period ( #2125 )
...
goroutines:
proxy.updateRegisteredServers() versus proxy.serversInfo.refresh(proxy)
2022-06-13 17:51:33 +02:00
ignoramous
8d737a69f5
PluginDNS64: Use read and write mutexes as approp ( #2124 )
2022-06-12 11:27:55 +02:00
Frank Denis
866954fbad
PreferServerCipherSuites has been deprecated
2022-06-11 19:26:26 +02:00
Frank Denis
e477d0e126
We may not have a configured IP address
2022-06-11 19:23:58 +02:00
Frank Denis
e24fdd2235
Nits
2022-06-07 21:33:50 +02:00
livingentity
74fb5dabb9
fix negative rtt / shorten lines ( #2118 )
...
* fix negative rtt / shorten lines
* Update serversInfo.go
2022-05-18 17:57:57 +02:00
livingentity
207d44323d
Update serversInfo.go ( #2092 )
2022-04-16 21:26:38 +02:00
Frank Denis
5fca7ea49e
Back to VividCortex/ewma
2022-04-05 14:04:26 +02:00
Frank Denis
66f019d886
Revert "regression: fix ewma warmup again ( #2079 )"
...
This reverts commit f67e9cab32
.
2022-04-03 23:01:03 +02:00
livingentity
f67e9cab32
regression: fix ewma warmup again ( #2079 )
...
* Update estimators.go
* Update go.mod
* Update modules.txt
* Update go.sum
* Update serversInfo.go
* Update estimators.go
* Update serversInfo.go
2022-04-02 17:41:36 +02:00
Frank Denis
5d023d2a7c
Revert "New feature: sleep mode"
...
This reverts commit e931b234b7
.
2022-04-02 09:33:49 +02:00
Frank Denis
e931b234b7
New feature: sleep mode
2022-03-31 20:51:34 +02:00
Frank Denis
df3fb0c9f8
Keep lines short
...
$ golines -w -m 120 --shorten-comments .
2022-03-23 17:48:48 +01:00
Frank Denis
c0435772d4
-resolve: report ECS support
...
Note that we can't randomize the source network, as Google and
possible others refuse networks that don't get BGP announcements.
2022-03-14 17:04:54 +01:00
Frank Denis
49c17f8e98
-resolve: use TXT records to get resolver information
2022-03-14 16:11:10 +01:00
livingentity
87d9653ec2
Remove unused functions ( #2057 )
...
They aren't used anywhere.
2022-03-07 17:01:18 +01:00
BigDargon
d30c44a6a8
Change bootstrap resolver Quad9 (with ECS) ( #2056 )
2022-03-02 13:18:20 +01:00
Frank Denis
ca076ce133
Size estimator: provide the slide size
2022-02-21 14:16:13 +01:00
Frank Denis
034d3bd424
Switch to lifenjoiner's ewma variant
2022-02-21 09:14:24 +01:00
Frank Denis
9373cc7162
Use SimpleEWMA for the question size estimator
2022-02-20 23:40:32 +01:00
Frank Denis
cb140673fa
Set the number of warmup samples to 1 for the RTT estimator
2022-02-20 23:38:42 +01:00
Frank Denis
7956ba5b10
Switch to an ewma fork that allows setting the warmup samples #
2022-02-20 23:38:06 +01:00
livingentity
9ec8a35468
restore old logic/constants ( #2045 )
...
* fix indices
* Update serversInfo.go
For safety go back to former logic, just generalized for lbStrategy, until someone comes up with an actual improvement.
* restore old logic/constants
2022-02-19 17:55:36 +01:00
livingentity
ac6abfb985
LBStrategy-aware estimator ( #2043 )
...
* fix estimator
* LBStrategy-aware estimator
* typo
* cosmetics
2022-02-15 20:17:48 +01:00
quindecim
a20d1685b2
Another minor cosmetic fix to [example-dnscrypt-proxy.toml] ( #2036 )
2022-02-10 15:27:53 +01:00
livingentity
62092726ec
Minor cosmetic toml changes ( #2034 )
...
* Minor cosmetic toml changes
* Minor cosmetic toml changes
2022-02-10 08:49:04 +01:00
Frank Denis
f38a5463b0
Indent comments
2022-02-09 12:57:02 +01:00
quindecim
7a54406415
Use the same format logic throughout the document ( #2029 )
...
* Use the same spacing logic throughout the document
* Fix previous commit
* Fix previous commit, again
* Use the same logic in comments too
2022-02-09 12:49:22 +01:00
Frank Denis
4c67e790f6
-list command: print ODoH targets addresses
2022-02-01 08:19:46 +01:00
Frank Denis
4eeed5816f
Fix funky indentation for CloakedPTR
2022-02-01 08:18:45 +01:00
Frank Denis
c10e6e0635
Local DoH: add support for request using the GET method
...
Fixes #2012
2022-01-31 14:56:46 +01:00
mibere
706c1ab286
Download mirror dnscrypt.net removed ( #2003 )
2022-01-24 01:36:30 +01:00
cobratbq
7a8bd35009
systemd: use constants and update status on ready ( #1993 )
...
Systemd-notify signaling indicates the status of dnscrypt-proxy when
starting as 'Type=notify' systemd service. However, the status is not
updated when initialization completes, instead it always shows
"Starting". Now fixed.
2022-01-19 20:30:15 +01:00
Frank Denis
06733f57ed
If a relay has multiple names, print the one matching the protocol
...
Fixes #1992
2022-01-17 19:43:12 +01:00
Frank Denis
fbfc2d57a7
omit comparison to bool constant, can be simplified to !cloakedName.isIP
...
Reported by GitHub's code scanning
2021-12-16 10:43:40 +01:00
Ian Bashford
1b6caba307
allow ptr queries for cloaked domains ( #1958 )
...
* allow ptr queries for cloaked domains
* multi ips per PTR returned + cleanup
* some string tidy up
* enable config file switch
* add cloaked ptr test
* enable cloak ptrs in test scenario
* fix reverse ipv6 ptr lookup
* added ipv6 cloaked ptr test
2021-12-13 14:00:13 +01:00
CNMan
27e93a53cf
minor typo fix ( #1951 )
2021-11-30 18:26:34 +01:00
Frank Denis
561e849889
Add a forwarding example for local reverse entries
2021-10-17 15:53:54 +02:00
a1346054
766e149699
Fix typo and alignment in example-dnscrypt-proxy.toml ( #1915 )
2021-10-10 19:19:45 +02:00
Frank Denis
e1f3f58eed
Bump
2021-09-27 15:51:48 +02:00
Frank Denis
efcd392279
StaleResponseTtl -> StaleResponseTTL
2021-09-27 15:47:19 +02:00
Frank Denis
8da1b698ad
Revert "Pasto, thanks to @lifenjoiner"
...
This reverts commit 14ef11447e
.
2021-09-27 15:42:54 +02:00
Frank Denis
77b27d9293
Merge branch 'master' of github.com:DNSCrypt/dnscrypt-proxy
...
* 'master' of github.com:DNSCrypt/dnscrypt-proxy:
Make return value explicit
Repair stale respones for DoH
Define a constant for the TTL of stale responses
Update plugin_cache.go (#1900 )
2021-09-27 12:31:43 +02:00
Frank Denis
4c29840040
Revert "Print an error if a block/allow rule contains more than a pattern"
...
This reverts commit 6e8628f796
.
2021-09-27 12:29:41 +02:00
Frank Denis
b7704a05c5
Make return value explicit
2021-09-25 20:09:29 +02:00
Frank Denis
d82021b545
Repair stale respones for DoH
2021-09-25 19:53:43 +02:00
Frank Denis
e5608e08cf
Define a constant for the TTL of stale responses
2021-09-25 19:53:25 +02:00
livingentity
2a3e59c4bf
Update plugin_cache.go ( #1900 )
2021-09-25 19:04:17 +02:00
Frank Denis
3bae61dbe1
Properly round the TTL
2021-09-24 09:26:31 +02:00
Frank Denis
5fedbe4c6e
// +build -> //go:build
2021-09-23 19:16:26 +02:00
Frank Denis
b2f26192e1
gofmt
2021-09-23 19:16:12 +02:00
Frank Denis
a4684d3bf5
Round TTLs
2021-09-23 19:10:40 +02:00
Frank Denis
34f0caaa34
Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
...
* 'master' of github.com:jedisct1/dnscrypt-proxy:
Enable HTTP/2 pings
Remove leftovers from the daemonize option
DoH/ODoH: strip optional port number when caching a hostname
Bump actions/setup-go from 2.1.3 to 2.1.4 (#1843 )
fix minor typo in example config (#1847 )
2021-09-23 18:38:50 +02:00
Frank Denis
75e917ae49
plugin_cache: update the response TTL, not the cached data
...
Fixes #1895
2021-09-23 18:37:40 +02:00
Frank Denis
8fc0ffc35f
Enable HTTP/2 pings
2021-09-21 12:57:42 +02:00
Frank Denis
97a983c6b3
Remove leftovers from the daemonize option
2021-09-09 11:26:17 +02:00
Frank Denis
0f00cd27f9
DoH/ODoH: strip optional port number when caching a hostname
...
Fixes #1861
2021-09-06 12:02:56 +02:00
Alison Winters
d8358b795f
fix minor typo in example config ( #1847 )
2021-08-29 11:11:52 +02:00
Aaron
b8c5790716
Add captive portal entry for dual stack setups ( #1835 )
...
For users with a dual stack set up at home (IPv4+native IPv6), Windows 21H1 will report that there is no Internet connection if this entry is missing from their captive portals file.
Signed-off-by: Aaron <admin@datahoarder.dev>
2021-08-20 17:32:32 +02:00
Frank Denis
9cb89ae410
odoh.md has been deprecated
2021-08-14 13:01:12 +02:00
Frank Denis
e83cb28ef5
Split ODoH servers and relays
2021-08-14 12:33:10 +02:00
Frank Denis
35c82e3dcf
Next will be 2.1.0
2021-08-13 19:20:27 +02:00
Frank Denis
1052fa6323
serve-stale on overflow
2021-08-04 14:30:32 +02:00
Frank Denis
c8a61abb79
Update comment
2021-08-04 14:27:58 +02:00
Frank Denis
e64425b5e7
On overflow, only respond to cached/synthesized queries
2021-08-04 14:27:24 +02:00
Frank Denis
da69583bd2
When we run out of connections, handle an extra one synchronously
2021-08-04 13:35:33 +02:00
Frank Denis
d996e3424d
No need to get the time if the connection is refused
2021-08-04 13:23:21 +02:00
Frank Denis
b4a073f54f
Typo
2021-08-03 11:24:16 +02:00
Frank Denis
0ca90dd8cc
xtransport: set a default error status code
2021-07-31 13:21:45 +02:00
Frank Denis
026c42424f
Workaround for ODoH relays not properly forwarding the status code
...
Some ODoH relays return a 200 status code even when the upstream
server returns something different. This is an issue after a key
update, where a 401 code is expected.
Handle empty responses with a 200 status code as a response with
a 401 code as a workaround until these relays are fixed.
2021-07-31 12:54:23 +02:00
Frank Denis
cedd4f3b54
xtransport: properly forward the status code on error
2021-07-31 12:38:10 +02:00
Frank Denis
796a7f6d31
Add an example for blocking private relay
2021-07-17 14:22:10 +02:00
Frank Denis
d35c1c3cb2
Lower reject_ttl even more
2021-07-16 16:46:50 +02:00
Frank Denis
8b3b7d38ac
Set ttl to reject_ttl for HINFO refused responses
...
Also lower the example TTL
2021-07-16 16:40:21 +02:00
Frank Denis
4caa7b6d64
Verbose
2021-06-12 14:48:02 +02:00
Frank Denis
9bea0e8f20
Nits
2021-06-12 14:16:20 +02:00
Frank Denis
b472fb3b21
Bump
2021-06-12 14:03:26 +02:00
Frank Denis
5fb2901dbc
Fuzz the stamps parser
2021-06-11 22:20:54 +02:00
Frank Denis
ccddb18424
Time to start fuzzing
2021-06-11 22:13:58 +02:00
Frank Denis
1b03ac817e
ODoH: supoprt config version 0x0001 in addition to 0xff06
2021-06-11 21:18:05 +02:00
Frank Denis
95c9fa75f8
Bump
2021-06-08 11:00:01 +02:00
Frank Denis
a85a003d2b
Filter relays by compatible type before selecting them
...
Fixes #1739
2021-06-08 10:52:06 +02:00
Frank Denis
5a9a6467df
Correctly check for empty/wrong relays
2021-06-08 10:27:03 +02:00
Frank Denis
ec581597a2
Require ODoH relays to be present
...
ODoH target stamps don't include certificate hashes; they are not
meant to be used directly.
2021-06-08 10:19:02 +02:00
Frank Denis
33ed882efe
Warn if fallback_resolvers is still in use
2021-06-08 09:53:53 +02:00
Frank Denis
b39232e996
this -> that
2021-06-08 01:14:11 +02:00
Frank Denis
9ebb90b22e
fallback -> bootstrap
2021-06-08 00:44:06 +02:00
Frank Denis
6076e2dd03
www.msftncsi.com IPs update
2021-06-07 18:47:31 +02:00
Frank Denis
d0e27a1366
Update ChangeLog
2021-06-07 18:25:52 +02:00
Frank Denis
d5e9ed3aa9
Don't hardcode the HPKE cipher
2021-06-07 18:16:15 +02:00
Frank Denis
45d3afc8f9
Call ObliviousDoHQuery() on the initial test
2021-06-07 17:32:34 +02:00
Frank Denis
e7f017c592
ODoH: try POST first, even without a relay
2021-06-07 17:19:56 +02:00
Frank Denis
a2ebe0c4a4
dnscrypt-proxy/odoh.go -> dnscrypt-proxy/oblivious_doh.go
2021-06-07 15:53:11 +02:00
Frank Denis
083fa0ad3c
Add an extra retry since ODoH servers are currently unstable
2021-06-07 13:49:37 +02:00
Frank Denis
f5a69c3bdc
Reduce delay
2021-06-07 13:46:44 +02:00
Frank Denis
9e96bbc20b
Continue, don't return
2021-06-07 13:44:08 +02:00
Frank Denis
a181a23263
Send a dummy initial query before RTT measurement in ODoH
2021-06-07 13:42:33 +02:00
Frank Denis
fad415f05a
Update example documentation
2021-06-07 13:37:08 +02:00
Frank Denis
29613096da
ODoH servers should not require a static configuration
2021-06-07 13:21:58 +02:00
Frank Denis
7980af6f46
Error propagation
2021-06-07 12:38:36 +02:00
Frank Denis
94151f9f96
Use ODoH relays in probes
2021-06-07 12:23:26 +02:00
Frank Denis
a11da2d4fb
ODoH: check certificate hashes
2021-06-07 12:09:27 +02:00
Frank Denis
e0483bbb27
Pretend not to always use the first ODoH config
2021-06-07 12:06:36 +02:00
Frank Denis
b35e27bd51
Shuffle ODoH target configs and use different NX queries
2021-06-07 12:05:42 +02:00
Frank Denis
4a4f69edb7
ODoH: only store working configurations
...
Actually, we only store the first one right now.
We should at least randomize them.
2021-06-07 12:02:21 +02:00
Frank Denis
96b05e57ca
Preliminary propoer ODoH initialization
2021-06-07 11:47:11 +02:00
Frank Denis
56f2e9adcc
server_name is ignored for x509 certs
2021-06-07 11:27:33 +02:00
Frank Denis
dc99f1bc2c
If you need this, implement it
2021-06-07 11:26:37 +02:00
Frank Denis
0d81fa2796
Remove doh_client_x509_auth stuf from fetchServerInfo
...
It doesn't belong there, and that feature doesn't do what it's
documented to do. It sets client certificates globally instead of
doing it per server.
2021-06-07 11:23:48 +02:00
Frank Denis
402860e2a6
ODoH broke DNSCrypt relays with wildcards - repair
2021-06-07 11:06:41 +02:00
Frank Denis
cd45f64c18
ODoH: until relay auto selection is implemented, pick random ones
2021-06-07 11:00:21 +02:00
Frank Denis
27a82c54c8
ODoH: handle relay IP addresses
2021-06-07 10:46:01 +02:00
Frank Denis
dce4db4c86
Construct net.URL directly
2021-06-07 10:08:55 +02:00
Frank Denis
525927e797
Don't use net/http
2021-06-07 10:05:20 +02:00
Frank Denis
e57d5173e9
Support GET in ODoH targets
2021-06-06 01:22:48 +02:00
Frank Denis
f542edacaa
ODoH: until detection is in place, without a relay, prefer GET
2021-06-06 01:15:28 +02:00
Frank Denis
92792f0e8b
Prevent remotely triggerable crash in ODoH config parser
2021-06-06 01:05:14 +02:00
Frank Denis
1cdb71cd7c
Avoid double slashes in ODoH relay URLs
2021-06-06 01:01:39 +02:00
Frank Denis
d2947cad75
Unbreak compilation
2021-06-06 00:14:56 +02:00
Frank Denis
3cf5c1ab8e
Limit the number of ODoH target configs
2021-06-05 18:35:45 +02:00
Frank Denis
06135b6141
Reduce MaxHTTPBodyLength
2021-06-05 18:29:13 +02:00
Frank Denis
44f3db31ee
Just a safeguard
2021-06-05 17:57:48 +02:00
Frank Denis
0a1d3b725c
Rename ODoHTarget to ODoHTargetConfig for clarity
2021-06-05 17:49:19 +02:00
Frank Denis
e27419f73d
x509.SystemCertPool() may fail
2021-06-03 20:59:05 +02:00
Frank Denis
ddcc40c954
Hardcode Let's Encrypt ISRG X1 cert
...
Some operating systems don't include it yet.
Thanks to @rs for the heads up
2021-06-03 12:48:33 +02:00
Frank Denis
14ef11447e
Pasto, thanks to @lifenjoiner
2021-05-13 10:30:57 +02:00
Frank Denis
6e8628f796
Print an error if a block/allow rule contains more than a pattern
...
... and it is not a time range.
2021-05-12 17:43:13 +02:00
Frank Denis
31f4d7aa03
Do not ignore ODoH encryption errors
2021-05-09 16:16:38 +02:00
Frank Denis
367b5062ec
Add another IP block list
2021-04-30 20:51:22 +02:00
Frank Denis
58e1410e66
Nits
2021-04-17 16:42:18 +02:00
Frank Denis
e2e32406fb
Improve ODoH log messages
2021-04-17 16:41:10 +02:00
Christopher Wood
23588733ae
Synchronously update the target configuration upon failure. ( #1671 )
...
* Synchronously update the target configuration upon failure.
* Notice a serverInfo failure when key updates fail.
* Add server name to debug logs.
2021-04-17 16:35:55 +02:00
Alison Winters
eda8dd5181
replace TrimFunc(s, IsSpace) with TrimSpace for ASCII optimization ( #1663 )
2021-04-05 11:46:57 +02:00
Frank Denis
3efbacc0d4
Rename
2021-03-30 11:53:59 +02:00