Commit Graph

348 Commits

Author SHA1 Message Date
Frank Denis 2eed62f1e2 Add a setMaxTTL() function
Will be useful to interprete HTTP cache headers in DoH
2018-02-04 12:39:33 +01:00
Frank Denis 454e1bdfbc Link to the latest draft of DNS-over-HTTPS 2018-02-04 12:20:26 +01:00
Frank Denis a4b70fa56d Last released candidate, so people can test cloaking 2018-02-04 12:00:24 +01:00
Frank Denis 9d69811de9 Add limits to HTTP requests 2018-02-04 11:33:04 +01:00
Frank Denis 9ee7e522b1 Proper stamps length check 2018-02-04 11:04:29 +01:00
Frank Denis cfeb25a4c2 cloak: decrement TTL 2018-02-04 09:36:57 +01:00
Frank Denis d005a76dc4 Add some comments 2018-02-04 02:29:09 +01:00
Frank Denis 18167c0f47 If we already performed a resolution before, even partial, don't retry
(at least until the TTL expires)

So, if www.google.com is cloaked, and forcesafesearch returns a A
record but no AAAA, return the cloaked A record for A queries, but
don't return the actual AAAA record for AAAA queries: return a
synthetic empty response instead.
2018-02-04 02:22:38 +01:00
Frank Denis 5c18c51116 We need to manage the TTL properly, but in the meantime, reduce log verbosity 2018-02-04 02:12:45 +01:00
Frank Denis 1e066e69b3 Import a cloaking example file 2018-02-04 01:57:18 +01:00
Frank Denis 033931a13a Add a new powerful plugin: DNS cloaking 2018-02-04 01:43:37 +01:00
Frank Denis e62dd27593 Use https for the remote source example
This can be changed back to http on platforms that don't have a clock
2018-02-03 22:01:09 +01:00
Frank Denis 93810e60d7 Set the default source refresh delay to 3 days 2018-02-03 18:55:46 +01:00
Frank Denis 588d8dabde rc2 2018-02-03 12:53:43 +01:00
Frank Denis faf80cd6f7 Recompress the logo 2018-02-03 12:15:24 +01:00
Frank Denis f513ab21fa Check if the config file exists from the current directory
Try the executable directory if it fails

Then, go to that config file directory no matter what

Fixes #80
2018-02-03 10:46:47 +01:00
Frank Denis 67b0d95ea1 Reduce log verbosity when ignore_system_dns = true
Fixes #81
2018-02-03 10:25:41 +01:00
Frank Denis db973f1aa9
Merge pull request #78 from mastad0n/patch-5
Fix mirror 404
2018-02-02 20:43:31 +01:00
Frank Denis 118ec5e0f0
Merge pull request #79 from mastad0n/patch-6
fix mirror 404
2018-02-02 20:43:19 +01:00
mastad0n d2a0cdf0c7
fix mirror 404 2018-02-02 11:28:40 -08:00
mastad0n 1feada737e
Fix mirror 404 2018-02-02 11:27:59 -08:00
Frank Denis cb911e6ed0 Add missing golang-lru files 2018-02-02 18:18:38 +01:00
Frank Denis a7ecb1a4a3 Update golang-lru 2018-02-02 17:46:45 +01:00
Frank Denis 1fcb0acc77
Merge pull request #77 from Zirkelite/systemd-service-update
Update systemd service to pull nss-lookup.target in.
2018-02-02 16:04:06 +01:00
Adrián Laviós Gomis 821646e7a4 Update systemd service to pull nss-lookup.target in.
According to systemd.special(7), nss-lookup.target is a Special Passive System Unit. This means that services depending on its functionality should order themselves after the target with an After= type dependency, but should not have a Wants= dependency for them. Therefore, nss-lookup.target should be pulled in by the providing services instead, or the consumer services will never be able to order themselves after the providing services since nss-lookup.target would not be pulled in at any point in the boot process. dnscrypt-proxy.service provides name lookup functionality, and has a Before= dependency on nss-lookup.target. However, it should have a Wants= dependency on it as well in order to indicate readiness of name lookup functionality.
2018-02-02 15:51:38 +01:00
Frank Denis 17c1806da3
Match blacklist.txt naming example
And match the configuration file format.

Fixes #74
2018-02-02 15:27:44 +01:00
Frank Denis 9dd68637fa
Merge pull request #75 from mastad0n/patch-1
Change to .toml format
2018-02-02 15:23:33 +01:00
Frank Denis 763f088eab
Merge pull request #76 from mastad0n/patch-4
Typo :)
2018-02-02 15:22:50 +01:00
mastad0n 06cf0cc1f7
Typo :) 2018-02-02 06:20:07 -08:00
mastad0n 79d6a9aa93
Change to .toml format
:)
2018-02-02 06:17:44 -08:00
Frank Denis dc070d56a4 Add nofilter to Google 2018-02-02 15:08:33 +01:00
Frank Denis c5283061cf Properly remove the default port 2018-02-02 15:07:12 +01:00
Frank Denis e4e351b854 Clear ServerName for -list-all
Suggested by @glitsj16, thanks!

Fixes #71
2018-02-02 14:51:14 +01:00
Frank Denis bf56644a49 Add a -list-all switch; add IPv6 & port number info to the JSON output 2018-02-01 21:48:46 +01:00
Frank Denis fe2bb3847b Update Travis for the new example file names 2018-02-01 19:01:02 +01:00
Frank Denis c2fb372112 Rename example files 2018-02-01 18:28:53 +01:00
Frank Denis 13952ffb1a Do not consider the absence a listening sockets an error
Because systemd.

Fixes #64
2018-02-01 16:59:48 +01:00
Frank Denis ac22f8a046 typo 2018-02-01 12:37:13 +01:00
Frank Denis 4a2253a897 Shrank 2018-02-01 10:35:27 +01:00
Frank Denis 9cf08bfad7 Shrink 2018-02-01 10:34:54 +01:00
Frank Denis 6efd904b9f 2.0.0 release candidate 2018-02-01 10:26:14 +01:00
Frank Denis db7ff80800 Nits 2018-02-01 10:25:16 +01:00
Frank Denis 107fc35d2a Support time access restrictions in substrings & glob patterns
Improve example
2018-02-01 09:47:37 +01:00
Frank Denis 1a34224c91 Rename time_ranges to schedules 2018-02-01 09:18:56 +01:00
Frank Denis cb0e2a1759 Indent sections in the example config file
It should make it more obvious that properties are tied to a section.

Fixes #62
2018-02-01 09:00:28 +01:00
Frank Denis 9b4eb54c0b Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
* 'master' of github.com:jedisct1/dnscrypt-proxy:
  Move the time check function down, make it more readable
  time-based access control: done, for prefixes & suffixes rules
2018-02-01 08:51:54 +01:00
Frank Denis b88cfa0716 Typo, and use single quotes everywhere
Fixes #61
2018-02-01 08:51:29 +01:00
Frank Denis aa34dae308 Move the time check function down, make it more readable 2018-02-01 01:05:23 +01:00
Frank Denis 61592776e2 time-based access control: done, for prefixes & suffixes rules 2018-02-01 01:00:48 +01:00
Frank Denis 41a73ccb03 Time access restrictions [WIP]
Because my daughter spends way too much time on Youtube
Because people have been asking OpenDNS to implement this for the past 10 years
Because existing tools suck
Because I want something flexible, where every rule can be assigned a schedule
2018-01-31 23:08:38 +01:00