Frank Denis
48817a4642
Unbeta
2019-12-21 21:29:13 +01:00
unknown
a7922a81fb
add some nonexistent zones
2019-12-21 14:34:29 +01:00
Frank Denis
80d45a2343
2.0.36-beta.1
2019-12-18 12:44:24 +01:00
Frank Denis
3fce30d7a5
Rename PluginsActionForward to PluginsActionContinue
...
Set the correct response code when forwarding
2019-12-17 19:19:36 +01:00
Frank Denis
daf6d5881d
The default return code must be PASS
2019-12-17 18:54:49 +01:00
Frank Denis
b1c08f8931
Handle Drop/Synth actions the same way in query and response plugins
2019-12-17 16:28:12 +01:00
Frank Denis
a23f07a93d
Add an IP blacklist example
2019-12-17 15:25:39 +01:00
William Elwood
d88995aac6
Minor comment fix
...
I noticed while writing the functionality tests that comments about relative paths disagreed with what the code was doing.
While the executable directory is used if the configuration file itself can't be found, `cdFileDir(foundConfigFile)` is always executed after the configuration file is found whether that's the same as the executable's directory or not.
Also a couple of punctuation nits.
2019-12-17 14:28:06 +01:00
Frank Denis
3c6f87527f
Undelegated zones are not dot suffixed any more
2019-12-17 11:08:22 +01:00
Frank Denis
4fd54a4919
Store the normalized qName in the plugin state
...
We now enforce the fact that a query always include a question.
It holds true for all practical use cases of dnscrypt-proxy.
This avoids quite a lot of redundant code in plugins, and is faster.
2019-12-17 10:11:41 +01:00
Frank Denis
ee24bf0421
Bump
2019-12-16 23:06:56 +01:00
Frank Denis
07e605e9f4
Add a note about dnsmasq
...
In the config file, so that it has more visibility than in the doc.
Synthetic responses cannot contain NSEC or RRSIG records, and that
seems to be confusing dnsmasq.
2019-12-16 17:23:22 +01:00
Frank Denis
eedabcbd4a
Reverse
2019-12-16 17:05:05 +01:00
Frank Denis
cba755b4d1
Lowercase the question
2019-12-16 17:03:16 +01:00
Frank Denis
7066e53843
Pre-add the final dot
2019-12-16 16:39:30 +01:00
Frank Denis
1b276be85d
Rewrite block_undelegated without the generic pattern matcher
2019-12-16 16:35:08 +01:00
Frank Denis
2d25719a69
Reuse the same variable
2019-12-16 16:32:49 +01:00
Frank Denis
66799c4159
Add the ability to block undelegated DNS zones
...
Using the generic pattern matcher as a first iteration, but we can
save some memory and CPU cycles by building and using a critbit tree
directly.
2019-12-16 16:18:47 +01:00
Frank Denis
aa5350c7fd
Missed blockedName->xBlockedName renaming
...
Fixes #1116
2019-12-16 12:13:23 +01:00
Frank Denis
c1202457bf
Json -> JSON
2019-12-11 14:08:48 +01:00
Frank Denis
a7b7bdc11e
Compress synthetic responses
2019-12-11 14:02:56 +01:00
Frank Denis
9553d7f8c5
Copy the DO bit from questions to synthetic responses
2019-12-11 13:56:25 +01:00
Frank Denis
1674bb1742
Force clear the AD bit unless the DO bit was also set
2019-12-11 09:41:16 +01:00
Frank Denis
ee1c0fed93
Properly set DNS flags when creating empty responses
2019-12-11 09:00:29 +01:00
Frank Denis
3b4d6c532d
A URL path must start with a /
2019-12-10 16:04:37 +01:00
Frank Denis
279d5619e3
Don't block '.'
2019-12-10 00:03:41 +01:00
Frank Denis
548a439528
Bump
2019-12-09 20:56:59 +01:00
Frank Denis
a635e92606
Add a new plugin to block unqualified host names
2019-12-09 20:25:38 +01:00
Frank Denis
56d02597a6
Extend the grace period and log when it's used
2019-12-09 17:08:59 +01:00
Frank Denis
21a5765527
Rename resolveWithCache() and make the comment match what the fn does
2019-12-09 17:03:16 +01:00
Frank Denis
2d8fd40481
Don't use named return values just for one value, especially an error
...
Be consistent with the rest of the code
2019-12-09 16:59:02 +01:00
Frank Denis
3e32d38f29
Explicit initialization
2019-12-09 16:56:43 +01:00
Frank Denis
49460f1d6f
pidfile.Write() can fail if no pid file was configured, it's ok
2019-12-09 13:34:14 +01:00
Frank Denis
7991b91f21
Downgrade error level of pidfile.Write() to Critical
2019-12-09 13:08:03 +01:00
Frank Denis
b5bb0fd504
If we can't disconnect from the Service Manager, it's no big deal
2019-12-09 13:07:47 +01:00
Frank Denis
bfd74185f5
Don't prevent DNS queries from being answered if the partition is full
2019-12-09 12:55:26 +01:00
milgradesec
8efbf401c8
add error checks
2019-12-09 12:50:30 +01:00
Frank Denis
ba8565a59e
Shorten conditions
2019-12-09 10:07:05 +01:00
milgradesec
96d15771e2
add multiple error checks
2019-12-09 09:56:47 +01:00
Frank Denis
59f2df6318
Recommend more names to be forwarded
2019-12-07 17:38:07 +01:00
Frank Denis
62f0b80c66
Add a comment regarding forwarding and ipv6 blocking
2019-12-06 19:41:33 +01:00
Frank Denis
db33c69fe5
Log the original qName when a CNAME pointer is blocked
2019-12-05 17:50:04 +01:00
Frank Denis
4d0c5ad569
Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
...
* 'master' of github.com:jedisct1/dnscrypt-proxy:
Travis: use Ubuntu Bionic so we don't have to compile libsodium
Downcase wiki
Handle clientsCount in the local DoH handler, too
Remove beta
Bump deps
Fix typo
Bump
whitelist
Add some extra blacklists
2019-12-05 16:49:48 +01:00
Frank Denis
57a88eda56
Add (indirect) to the logged pattern for indirect blocks
2019-12-05 16:49:08 +01:00
Frank Denis
3a4bc98073
Handle clientsCount in the local DoH handler, too
2019-12-03 13:04:58 +01:00
Frank Denis
0de2246af2
Remove beta
...
Fixes #1086
2019-12-03 12:34:42 +01:00
glitsj16
443bdce879
Fix typo
2019-12-01 23:38:05 +01:00
Frank Denis
21c63a5608
Local-DoH: pad responses
2019-11-29 21:34:21 +01:00
Frank Denis
53dd5cd6c5
Clarify
2019-11-29 14:18:48 +01:00
Frank Denis
53924d4cf7
Unset GODEBUG - WHich means that Go 1.13 is now required for TLS 1.3
...
We could keep setting GODEBUG for compatibility with older versions, but
people complain that it prints debug warnings.
2019-11-29 14:00:21 +01:00