miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,515 Commits 7 Branches 89 Tags 58 MiB
Commit Graph

1515 Commits

Author SHA1 Message Date
Frank Denis fa2b693506 Remove parse_time_restricted_list 2020-05-06 19:34:41 +02:00
David Refoua 5c36dcb818
move mis-categorized line (#1308) 2020-05-01 21:33:48 +02:00
Frank Denis 35a6fc858f CI: stop publishing MacOS binaries since they now require notarization 
Fixes #1300
 2020-04-28 10:00:49 +02:00
Frank Denis 3e264b9da9 Rename tls_client_auth to doh_client_x509_auth 
Maybe improves clarity? I can never remember what tls_client_auth does.
 2020-04-26 21:21:00 +02:00
Frank Denis 3775d59217 Add some comments for an obscure feature 2020-04-26 21:05:23 +02:00
Frank Denis 8f7015f0bc Avoid UTF-8 in domains-blacklist.conf 
Fixes #1299
 2020-04-26 20:53:47 +02:00
Frank Denis c6b32e0590 Another example of an IP blocklist 2020-04-26 19:42:42 +02:00
Frank Denis 80b95b1ba6 Use accessors for systemd things, too 2020-04-26 17:08:24 +02:00
Frank Denis 436bce9edf Define functions to register socket handles, to improve clarity 2020-04-26 16:52:50 +02:00
Frank Denis 38cfa437db Repair Local DoH; should fix CI tests 2020-04-26 16:34:26 +02:00
Frank Denis 12219c7490 listener->pc 
Spotted by @welwood08
 2020-04-26 16:19:49 +02:00
Frank Denis 52f87aee8e Accept data from systemd sockets at the same time as everything else 2020-04-26 15:00:39 +02:00
Frank Denis 4029d3d4f3 proxy.dropPrivilege() doesn't return on success 2020-04-26 14:49:43 +02:00
Frank Denis 3c510b74bb Start listeners as goroutines 2020-04-26 14:26:40 +02:00
Frank Denis c6b2869317 Update Poly1305 dep 2020-04-26 13:03:48 +02:00
Frank Denis 4a50736457 Only start accepting connections after everyting has been initialized 
Fixes #1295

And more. The estimator, key and servers list were not initialized either.
 2020-04-26 12:52:55 +02:00
Frank Denis 7d0e1440e1 ESNI has been renamed to ECHO 2020-04-24 11:15:40 +02:00
Frank Denis 252b10c996 Remove blacklisted names due to globbing patterns 
This is very clumsy, as it doesn't handle time-based rules properly,
and doesn't handle whitelists at all.

Adding globs to the "names" list is also an ugly hack just to have
them included in the final output.
 2020-04-22 17:55:24 +02:00
Frank Denis a71b531d2e Re-add -o / --output-file 2020-04-21 23:40:58 +02:00
Frank Denis dcd6f8448d Revert "Improve generate-domains-blacklist.py to remove redundant lines (#1184)" 
This reverts commit 58871de725.
 2020-04-21 23:08:40 +02:00
Huhni 58871de725
Improve generate-domains-blacklist.py to remove redundant lines (#1184) 
* Improve script to remove redundant lines

Let the script remove those lines that are covered by regular expressions already

* add optional "-o OUTPUT_FILE" argument 

This ensures that UTF-8 is used.
The redirect to file functionality from before is maintained, because "default=None" is used for the -o argument

I also fixed the formatting slightly to avoid newlines at the beginning of the file.

* improve glob matching

- rename regexes into globs 
- only check trusted (local) files for globs
- use fnmatch instead of manually converting globs into regular expressions and matching them
- modify is_glob function to check only for the following characters: * [ ] ?
- improve get_lines_with_globs function, by using the native filter and lambda functions
- improve covered_by_glob function, by checking if line is part of glob_list, instead of calling is_glob again
- print "ignored entries due to globs in local-additions" to the output as well to better differentiate from other duplicates
 2020-04-21 23:07:32 +02:00
Frank Denis 9519472bbe Don't print the proxy version in the child 2020-04-20 12:34:59 +02:00
Frank Denis 6f2dcb900a Drop privileges early 
Fixes #1265
 2020-04-20 12:27:53 +02:00
Frank Denis b6b7ed3a67 Dropping privileges doesn't work reliably on MacOS 2020-04-20 11:50:27 +02:00
Frank Denis abfd195e51 Use Kadhosts without controversies 
Fixes #1288
 2020-04-19 17:55:46 +02:00
Frank Denis 69a7d832c4 Remove lists that are pretty much empty 2020-04-19 17:52:16 +02:00
Frank Denis ccc91e28a3 Try enabling energized blu by default 
Quite a lot of domains in that list don't exist any more, though.
 2020-04-19 17:46:18 +02:00
Frank Denis 900ed13ff1 Remove banbenek's list 2020-04-19 17:39:53 +02:00
Frank Denis dd522bb726 Merge branch 'master' of github.com:DNSCrypt/dnscrypt-proxy 
* 'master' of github.com:DNSCrypt/dnscrypt-proxy:
  use global 'timeout' option for forwarding queries (#1284)
 2020-04-18 21:18:53 +02:00
Frank Denis 2779d92f01 Add some blacklists 2020-04-18 21:18:40 +02:00
29f f71244ed74
use global 'timeout' option for forwarding queries (#1284) 
* Update plugins.go

* Update plugin_forward.go
 2020-04-17 20:57:23 +02:00
Frank Denis 4f41fc3fee Add Geoffrey Frogeye's block list 2020-04-12 23:34:15 +02:00
Frank Denis 527764aba7 Upper case 2020-04-05 20:50:28 +02:00
Kiril Angov d2602fd142
Respect proxy.mainProto in forward plugin (#1259) 
* Respect proxy.mainProto in forward plugin

* Make the serverProtocol part of pluginsState instead
 2020-04-05 20:49:30 +02:00
Frank Denis f4631b9121 Remove unreachable code 
Spotted by @komapa
 2020-04-05 20:48:00 +02:00
Linuxfreak 76f6d02e52
Change URL of Block Spotify ads (#1266) 
The url of the Spotify-HOSTS.txt is changed. Path of "/filter/" is now "/filters/"
 2020-04-04 22:18:21 +02:00
Frank Denis 5930b45116 Farewall host-files.net domain list 
Fixes #1262
 2020-04-02 14:56:38 +02:00
kimw 4ce28473f4
Update example-ip-blacklist.txt (#1264) 
fix https://github.com/DNSCrypt/dnscrypt-proxy/issues/1261. remove `[` & `]`.
 2020-04-02 14:55:18 +02:00
Frank Denis f6b9706322 This reverts commit 876e389a0a. 
April 1st is almost over :)
 2020-04-01 21:55:17 +02:00
Frank Denis 876e389a0a Make doh.nsa.gov the default DNS server 2020-04-01 12:22:52 +02:00
Frank Denis 17fbad3648 Update deps 2020-04-01 12:15:13 +02:00
Frank Denis 1ff31f14f1 Remove the ct parameter from DoH queries 
That was a workaround for Google, but Google doesn't seem to need
it any more.
 2020-04-01 12:12:57 +02:00
Frank Denis eb372e7ce5 First release using GitHub Actions: success! Farewell, Travis. 2020-03-26 18:53:35 +01:00
Frank Denis 89dd0de6af Update ChangeLog 2020-03-26 18:38:15 +01:00
Frank Denis 8fc2f00ffb Probably older than version 1.4.0 2020-03-26 18:33:39 +01:00
Frank Denis 3ca80afb19 packets -> client queries 2020-03-26 17:25:52 +01:00
Frank Denis 74095d38ed Remove LargerResponsesDropped 
dnsdist drops DNSCrypt queries shorter than 256 bytes, interpreting them
as not being encrypted instead. This is surprising when doing ad-hoc
testing, but absolutely fine, and we will never send shorter encrypted
queries on normal circumstances.

So, remove a useless knob.
 2020-03-26 17:20:34 +01:00
Frank Denis fb04a62470 ChangeLog 2020-03-26 15:39:48 +01:00
Frank Denis b3fbc2304d All dnsdist servers exhibit the same behavior re: sending truncated responses 
A 128 bytes query will not get a 200 bytes response (randomly tested on
3.tlu.dl.delivery.mp.microsoft.com), not even a truncated one.

It may be related to fragments being blocked on the server socket, or a
different issue. We can expect everything to be back to normal in dnsdist
1.5.0 no matter what.
 2020-03-26 15:19:17 +01:00
Frank Denis 5049516f53 Add an option to ignore servers incompatible with anonymization 2020-03-26 13:41:57 +01:00