Frank Denis
19db1a1560
If we get a TLS handshake error, recommend using the default suite
2018-04-10 11:26:31 +02:00
Zhuoyun Wei
6d2330eaf0
Minor typo fixes in config files ( #338 )
2018-04-10 09:06:19 +02:00
Frank Denis
e3ad6b1c0e
Actually use a cache if tlsDisableSessionTickets is not set
2018-04-10 00:36:55 +02:00
Frank Denis
8bebb50d49
Nits
2018-04-09 23:58:36 +02:00
Frank Denis
37ebc1db0e
Replace @NET session with @SFC 2>&1 | FIND /i "/SCANNOW" >NUL
...
Fixes #336
2018-04-09 15:38:00 +02:00
Frank Denis
fbfa8f9aab
Do stop/start for restart
2018-04-09 15:36:19 +02:00
Frank Denis
aa538969a3
New beta
2018-04-09 13:27:02 +02:00
Frank Denis
44880f9b2c
Patterns are now fully supported in cloaking rules
...
Fixes #306
2018-04-09 13:26:50 +02:00
Frank Denis
7d10628a5f
New syntax for blocking/whitelisting rules: exact matching
...
Example: =example.com
Matches `example.com` but not `api.example.com`
2018-04-09 13:02:42 +02:00
Frank Denis
de6a8d230e
Use PolyChaCha, but more importantly, RSA by default
...
Even on non-ARM systems, this makes a difference in CPU usage/latency
2018-04-09 12:45:42 +02:00
Frank Denis
1a4d34dc55
Add golang.org/x/net/http2 to the dependencies
2018-04-09 11:56:49 +02:00
Frank Denis
751f049136
Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
...
* 'master' of github.com:jedisct1/dnscrypt-proxy:
minor (#330 )
2018-04-09 03:13:05 +02:00
Frank Denis
ca80b69b3a
Re-implement ephemeral keys for DNSCrypt
2018-04-09 03:12:34 +02:00
Frank Denis
70dca19326
Clarify
2018-04-09 02:57:30 +02:00
Massimiliano Fantuzzi HB3YOE
b23a0fa007
minor ( #330 )
...
updated IETF draft link to version 5, updated the "official name" of the proposed protocol, which is indeed "DNS over HTTP" without S or 2.
2018-04-08 20:29:21 +02:00
Frank Denis
172159c00a
Use Go 1.10.1
2018-04-08 08:48:48 +02:00
Frank Denis
4439040bc8
patternMatcher: initialize the indirectVals map
2018-04-08 08:42:02 +02:00
Frank Denis
10baa245b2
Clarify
2018-04-07 23:27:57 +02:00
Frank Denis
fcdf7d7e55
Update ChangeLog
2018-04-07 23:14:15 +02:00
Frank Denis
517538bdb2
Less ###
2018-04-07 23:05:29 +02:00
Frank Denis
65e6b8569e
Implement whitelists
...
Fixes #293
2018-04-07 23:02:40 +02:00
Frank Denis
ceb2d55afd
Move time range things to their own file
2018-04-07 22:36:30 +02:00
Frank Denis
77d1b6d075
Spacing
2018-04-07 22:33:40 +02:00
Frank Denis
fbe91ee58b
No need to initialize xTransport before we have all the parameters
2018-04-07 22:33:11 +02:00
Frank Denis
dee7960be6
Bump keepalive up
2018-04-07 22:26:46 +02:00
Frank Denis
1fa3e5d7f3
Add options to set the cipher suite as well as disable session tickets
2018-04-07 22:23:29 +02:00
Frank Denis
a4366b0593
Update deps
2018-04-07 17:14:53 +02:00
Frank Denis
10986aba62
Add a MemUsage() helper
2018-04-07 17:05:55 +02:00
Frank Denis
5c86191e43
Use critibitgo
2018-04-07 16:59:10 +02:00
Frank Denis
58c7ff3d2f
We may not have a schedule for every rule
2018-04-06 20:18:15 +02:00
Frank Denis
105cb2c525
Make the pattern-matching code reusable
2018-04-06 20:14:19 +02:00
Frank Denis
8217170a7b
Revert "Do not consider SERVFAIL responses as server failures"
...
This reverts commit 0e65c50989
.
2018-04-06 13:43:09 +02:00
Frank Denis
2d27eabf95
Revert "Add a -v flag"
...
This reverts commit d8c95aaca8
.
2018-04-06 03:03:27 +02:00
Frank Denis
d8c95aaca8
Add a -v flag
...
Fixes #317
But makes me grumpy, because -v usually means `verbose` to me.
2018-04-06 03:01:42 +02:00
Frank Denis
0e65c50989
Do not consider SERVFAIL responses as server failures
2018-04-06 02:47:58 +02:00
Frank Denis
a938eeff7b
Mainly revert 869d44c30e
...
Fixing #304 doesn't look trivial
The service module needs to know the arguments right away.
The arguments haven't been parsed yet. And if we do, we will prevent
further arguments to be added to the set. Including the ones added
by the service module itself.
So, we have quite of a circular dependency here.
If someone with some Go knowledge can fix that, that would be amazing.
But it's probably never going to happen.
Meanwhile, we can try to save the current directory and document
that we have to be in that directory when running the install command.
Which is not going to work on Windows, so this is a big fucking mess
2018-04-03 20:15:33 +02:00
Frank Denis
c88e480a15
Include the -config option in the installed service
...
Untested on Linux and Windows. Fear.
Fixes #304
2018-04-03 19:42:27 +02:00
Frank Denis
869d44c30e
Reorder
2018-04-03 17:59:15 +02:00
Frank Denis
f0a690701d
Print "additional certificate" when a server has multiple valid certs
...
This doesn't mean anything but looks less confusing than having the
same message twice
Fixes #303
2018-04-02 20:55:42 +02:00
Frank Denis
d4367393c4
Add some links
2018-04-02 01:55:22 +02:00
Frank Denis
308ffff739
Make the keepalive configurable
...
Fixes #300
2018-04-02 01:49:09 +02:00
Frank Denis
b71e04c64e
Update miekg/dns to v1.0.5
2018-04-02 00:10:55 +02:00
Frank Denis
e210fc537e
Ignore the Cache-Control: max-age header
...
What's in the DNS packet is a better source of truth.
There was also an inconsistency between the TTL from the
max-age header (as returned in a response that wasn't cached) and
a response from the cache (using TTLs from the DNS packet).
So, just use what's in the packet.
Reported by @vavrusam, thanks!
2018-04-01 21:41:36 +02:00
Frank Denis
2dedd3a314
em dash
2018-04-01 17:19:39 +02:00
Frank Denis
2147a3a95f
Make this less confusing
2018-04-01 17:19:03 +02:00
Frank Denis
f3e3ff01c8
Nits
2018-04-01 17:14:44 +02:00
Frank Denis
22da6ca8da
Add some links
2018-04-01 17:13:53 +02:00
Frank Denis
adb0c94a61
April 1st is already over in some time zones :)
...
This reverts commit dac52ab42a
.
2018-04-01 16:35:32 +02:00
Frank Denis
dac52ab42a
Completely remove support for the DNSCrypt protocol
2018-04-01 04:04:12 +02:00
Frank Denis
2dcf5fe01a
Skip the signature in the example Google stamp
...
Example configuration files are updated less often than sources
2018-04-01 03:50:10 +02:00