Commit Graph

1504 Commits

Author SHA1 Message Date
Frank Denis 1a34c8d5ff Add max-stale cache control directive to requests 2020-07-09 21:42:35 +02:00
Frank Denis 8dd4612ea7 Don't use Lumberjack for non-regular files
Fixes #1407
2020-07-08 13:48:04 +02:00
Frank Denis 04b49fd355 Rename the generate-domains-blacklists folder
This is going to break all the scripts using this in a cron job
after an update :/
2020-07-08 12:07:23 +02:00
Frank Denis 77a27a46a4 Rename the python script name in the example config 2020-07-08 12:05:42 +02:00
Ian Bashford af564522ec
Further block/allow updates (#1406)
* ConfigFile change to allowlist and blocklist

* revised names and warnings

* consistent file naming in kebab case, and generic use of blocklist and allowlist in cmoments for clarity

* update ci files

* further allow/blocklist updates

* improve language in comments

Co-authored-by: Ian Bashford <ianbashford@gmail.com>
2020-07-08 12:01:06 +02:00
Frank Denis 10710def50 Make loggers io.Writer implementations, not directly lumberjack objects 2020-07-08 11:36:58 +02:00
Frank Denis 7bec554709 Remove fritz.box after all 2020-07-08 11:03:45 +02:00
Frank Denis 45b915882a Update deps 2020-07-07 14:12:02 +02:00
dependabot-preview[bot] 29c2b76edd
Bump github.com/miekg/dns from 1.1.29 to 1.1.30 (#1403)
Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.29 to 1.1.30.
- [Release notes](https://github.com/miekg/dns/releases)
- [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release)
- [Commits](https://github.com/miekg/dns/compare/v1.1.29...v1.1.30)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-07 13:27:53 +02:00
hugepants 038ebea0ed
Update broken_implementations with Quad9 -pri suffix (#1398) 2020-07-03 15:28:09 +02:00
hugepants 63c8f0610f
Update broken_implementations list with updated Quad9 v3 names (#1390) 2020-07-03 14:05:39 +02:00
Frank Denis 9bc5bb0e14 Clarify 2020-07-03 13:03:57 +02:00
Frank Denis 90df0292c8 Remove unneeded brackets 2020-07-03 12:59:51 +02:00
yofiji 7a6f1461f8
Add option to go direct for failed certificate retrieval via relay (#1397)
* Add option to go direct for failed certificate retrieval via relay

* add direct_cert_fallback to example config file

Co-authored-by: yofiji <you@example.com>
2020-07-03 12:58:36 +02:00
Frank Denis 5e2f1c4146 Clarify that skipAnonIncompatbibleResolvers does what it says 2020-07-02 13:45:19 +02:00
Frank Denis ece0c76172 Add fritz.box IP to the cloaking rules example
Fixes #1392
2020-07-01 09:20:44 +02:00
Krish De Souza 7b1ccd1053
Issue #1380: Reenable HTTP/2 for local DoH (#1384)
+Updated ci-test number 25 looking for invalid 404 to reflect changes here
2020-06-28 18:20:20 +02:00
Ian Bashford b089d49d25
ConfigFile change to allowlist and blocklist (#1375)
* ConfigFile change to allowlist and blocklist

* revised names and warnings

* consistent file naming in kebab case, and generic use of blocklist and allowlist in cmoments for clarity

* update ci files

Co-authored-by: Ian Bashford <ianbashford@gmail.com>
2020-06-26 23:18:30 +02:00
hugepants 19c0c3f7db
Add forward slashes to example stamp for consistency (#1388)
Seems to work with or without, but makes it consistent with the toml, the documentation and the stamp calculator.
2020-06-26 17:36:15 +02:00
Frank Denis 8935fa454a v2 -> v3 2020-06-21 22:20:34 +02:00
Frank Denis 239b00b624 Add ShiftLeft scan badge 2020-06-20 19:38:58 +02:00
Frank Denis 80942eb231 Don't forget Linux 2020-06-19 21:43:45 +02:00
Frank Denis 55ce158e37 Do we need to duplicate descriptors twice? 2020-06-19 21:42:20 +02:00
Frank Denis 539924f85f Downgrade x/text to a single version 2020-06-19 20:56:21 +02:00
Frank Denis 1124b8304e Remove dependency 2020-06-19 20:16:37 +02:00
Frank Denis 80dfffc4ee Unbreak CI 2020-06-19 20:16:21 +02:00
Frank Denis 03746b76bf Capitalize 2020-06-19 11:39:44 +02:00
IceCodeNew c8d099735b
Disable Sysctl list and AdAway, introduce GameIndustry.eu; Remove Chinese IT companies' top domain from whitelist. (#1365)
* Disable Sysctl list, Introduce GameIndustry.eu

* The host file from http://sysctl.org/cameleon/ is no longer updated, therefore it should be disabled.

* Introduce a new rule maintained by GameIndustry.eu. I only pick the rule sets that NextDNS provides to its customers of their choice, as these rule sets are generally seen as stable and reliable.
However I don't play game so much, there is no way to perform a fully test on my side. There is no FP detected during the couple of days while I using this rule set. And I've gone through the entire contents of the host file in roughly, the entries all seem reasonable to me.

* Disable rule set from AdAway by default

~~It doesn't take long for jedisct1 add baidu.com, and 163.com into whitelist after I introduced this rule into the configuration file, so I guess that the AdAway rule set must have presented a lot of false positives.~~
~~However, these Chinese IT companies are notorious for their extensive user-tracking tactics. Whitelist their top domain may not a good idea.~~
~~My suggestion is to simply disable the ruleset present FP, and let software like ABP or AdGuard do the most elaborate work. - Blocking on the DNS level has its limitations.~~
2020-06-19 00:32:01 +02:00
Prabhu Subramanian 6ee8a14deb
Add shiftleft scan (#1372)
* Create shiftleft-analysis.yml

* Remove comments

Co-authored-by: Frank Denis <124872+jedisct1@users.noreply.github.com>
2020-06-19 00:30:59 +02:00
Frank Denis 6235c11c77 When forking, relocate descriptors higher up
Channels used by the `services` module may use descriptors, so we don't
want to overwrite them.

Maybe
fixes #1371
2020-06-19 00:04:54 +02:00
Frank Denis 6dc484c177 Update deps 2020-06-18 23:19:28 +02:00
Frank Denis e1d6e27a8a Add CodeQL scan result 2020-06-15 20:25:52 +02:00
Frank Denis 5f3b568de3
Add CodeQL scan 2020-06-15 20:02:22 +02:00
Frank Denis 703059922f Easylist has false positives 2020-06-14 15:25:45 +02:00
Frank Denis 06705a6d14 Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
* 'master' of github.com:jedisct1/dnscrypt-proxy:
  Bump
2020-06-12 14:24:31 +02:00
Frank Denis 5b24439f99 Why the heck is Energized BLU blocking VK? 2020-06-12 14:24:11 +02:00
Frank Denis 65f42918a1 Bump 2020-06-11 17:10:33 +02:00
Frank Denis c59caf3a63 Try oisd list by default, mainly because it tries to avoid FPs 2020-06-11 13:16:50 +02:00
Frank Denis 576162d9bf Remove CodeQL/ShiftLeft until they are enabled for the org 2020-06-11 11:46:17 +02:00
Frank Denis d55421df96 Don't bind listening sockets with the -list/-list-all options
Fixes https://github.com/Homebrew/homebrew-core/pull/55998
2020-06-11 11:41:17 +02:00
Frank Denis 9cce77cc53 No need to import the dnsstamps package twice 2020-06-11 11:13:41 +02:00
Frank Denis 4f47cd0f4f Avoid implicit memory aliasing in for loop 2020-06-11 11:10:33 +02:00
Frank Denis de6afd5a4c Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
* 'master' of github.com:jedisct1/dnscrypt-proxy:
  Create shiftleft-analysis.yml
  Create codeql-analysis.yml
  Revert "Fix unit tests on Win10 (attempts 1 and 2)"
  sources_test: set bit 16 of the port instead of adding zeros (#1358)
  Fix unit tests on Win10 (attempt 2)
2020-06-11 11:03:30 +02:00
Frank Denis 9f9a17ed6b doh_client_x509_auth: don't ignore errors 2020-06-11 11:03:17 +02:00
Frank Denis 0fd0a1a939
Create shiftleft-analysis.yml 2020-06-11 10:55:08 +02:00
Frank Denis 8a99b3ed93
Create codeql-analysis.yml 2020-06-11 10:53:45 +02:00
William Elwood 2018945fdf Revert "Fix unit tests on Win10 (attempts 1 and 2)"
This reverts commit 92dda0d55a.
This reverts commit 5a1fdc8cd6.
2020-06-10 19:45:11 +01:00
Frank Denis f4d519092b
sources_test: set bit 16 of the port instead of adding zeros (#1358)
Ok @welwood08
2020-06-10 20:24:41 +02:00
William Elwood 92dda0d55a Fix unit tests on Win10 (attempt 2)
Thanks to @lifenjoiner for testing! Windows 10 behaves even more unexpectedly.
After it parses the "ip:port" string as a hostname, it attempts to upgrade from
http to https by appending `:443` and parsing that new URL again.
This seems to happen concurrently with the doomed DNS lookup and we see the
error from whichever fails first.
2020-06-10 12:10:51 +01:00
Frank Denis 8c42c465b2 Be even more explicit 2020-06-10 11:38:46 +02:00