Frank Denis
7621737dde
Improve debugging
2020-03-26 13:30:39 +01:00
Frank Denis
7424f1a8b7
Try harder to work around Cisco and Quad9 bugs
2020-03-25 20:10:11 +01:00
Frank Denis
81c8d68462
Pad queries to 1472 bytes for implementations with broken padding
...
Quad9 doesn't return TC when responses are larger than the question;
it doesn't return anything instead :(
2020-03-25 18:06:02 +01:00
Frank Denis
dd37eaed7c
Retry over TCP on UDP timeouts
2020-03-25 17:45:59 +01:00
Frank Denis
49910d2f72
Localize some error values
2020-03-13 18:44:30 +01:00
Frank Denis
19647e03a6
Overwrite the server name only when we need to send an upstream query
2020-03-13 17:52:09 +01:00
Kevin O'Sullivan
c040b13d59
Adding the ability to do TLS client authentication for DoH ( #1203 )
...
* Adding the ability to do TLS client authentication for DoH
* whitespace nit
* Check for server specific creds before wildcard
* small comma ok idiom change
2020-03-09 22:11:53 +01:00
Frank Denis
aa0e7f42d3
Make the xTransport functions return the HTTP body directly
...
This simplifies things, but also make RTT computation way more reliable
2020-02-21 22:33:34 +01:00
Frank Denis
70311614a0
Improve error message on DNSSEC failure
2020-01-31 10:58:07 +01:00
Frank Denis
f34d7b60fa
Implement serve-stale
2020-01-30 13:15:29 +01:00
Frank Denis
f22461374c
Retry UDP queries on timeout
2020-01-29 18:53:39 +01:00
Frank Denis
4d788aed85
Make UDP and TCP code similar when it comes to SOCKS proxying
...
Actually use the relay when both a relay and a SOCKS proxy are
configured.
Keep forcing TCP when SOCKS is enabled. I couldn't get UDP proxying
to work with Shadowsocks.
2020-01-27 16:07:08 +01:00
Frank Denis
c27d41faa0
Avoid unneeded DNS packet unpacking
2019-12-23 11:37:45 +01:00
Frank Denis
b1c08f8931
Handle Drop/Synth actions the same way in query and response plugins
2019-12-17 16:28:12 +01:00
Frank Denis
66799c4159
Add the ability to block undelegated DNS zones
...
Using the generic pattern matcher as a first iteration, but we can
save some memory and CPU cycles by building and using a critbit tree
directly.
2019-12-16 16:18:47 +01:00
Frank Denis
a635e92606
Add a new plugin to block unqualified host names
2019-12-09 20:25:38 +01:00
milgradesec
8efbf401c8
add error checks
2019-12-09 12:50:30 +01:00
Frank Denis
3a4bc98073
Handle clientsCount in the local DoH handler, too
2019-12-03 13:04:58 +01:00
Frank Denis
3b50caf4cd
Add a default local DoH path, print the URLs
2019-11-29 08:53:13 +01:00
Frank Denis
f18dbc71ec
Make the local DoH path configurable
2019-11-28 23:49:28 +01:00
Frank Denis
6a679cc543
Move local DoH configuration to its own section
2019-11-28 17:04:29 +01:00
Frank Denis
be996c486f
Local DoH support, continued
2019-11-28 16:46:25 +01:00
Frank Denis
1966a8604b
up
2019-11-26 01:36:35 +01:00
Frank Denis
f249813cc5
First bits towards providing access over DoH in addition to DNS
...
Mainly to deal with the Firefox+ESNI situation
2019-11-24 22:46:27 +01:00
Frank Denis
30b5507bf4
Make the part that creates or gets sockets more readable
2019-11-24 22:12:23 +01:00
Frank Denis
45cb7b48df
Format
2019-11-17 21:28:26 +01:00
Frank Denis
06c0fbb65b
Add NETWORK_ERROR
2019-11-17 19:48:15 +01:00
Frank Denis
ca7e5e5bcb
Rename a few things
2019-11-17 15:07:40 +01:00
Frank Denis
15b405b552
Support workarounds for ancient/broken implementations
...
Fixes #984
2019-11-16 18:51:16 +01:00
William Elwood
7e73a26a2f
Move most of the prefetching code into sources.go
...
The proxy shouldn't need to know how prefetching works, just that it needs to do it occasionally. Now the prefetching algorithm can be refactored without having to touch the proxy code.
2019-11-08 10:17:12 +01:00
William Elwood
78f2dead79
Move prefetch URLs onto Source struct
...
This is mostly in preparation for further refactoring, but does reduce the number of return values from `NewSource()` too.
2019-11-08 10:17:12 +01:00
Frank Denis
da3f30871f
Revert "fix: proxy: Trigger query logging plugins using defer"
...
This reverts commit fc9509a8c8
.
2019-11-05 00:54:03 +01:00
Eric Lagergren
1c9924e055
check error that was being erroneously shadowed
2019-10-31 17:55:26 +01:00
Frank Denis
3a68f90c37
Back to 2.0.29 beta 3 ( ceed905196
)
2019-10-31 17:50:19 +01:00
Frank Denis
fb1fc14317
Revert "refactoring of pull 980"
...
This reverts commit 6fa420a8e0
.
2019-10-31 17:36:59 +01:00
Vladimir Bauer
6fa420a8e0
refactoring of pull 980
...
follow up on https://github.com/DNSCrypt/dnscrypt-proxy/pull/980#issuecomment-548153169
2019-10-31 15:04:12 +01:00
Eric Lagergren
7f82c2504d
check error that was being erroneously shadowed
2019-10-31 09:52:05 +01:00
Vladimir Bauer
6680faf665
make sure tcp/udp Conn are closed on stop signal
2019-10-25 12:56:34 +02:00
Frank Denis
ceed905196
Add a more explicit message when a user is set on Windows
2019-10-25 12:53:59 +02:00
Frank Denis
a26b2b42f0
Rename negTTL to rejectTTL to avoid confusion with cacheNegTTL
2019-10-21 18:26:49 +02:00
Markus Linnala
bb01595320
feature: Add neg_ttl for rejected entries and cloak_ttl for cloaking-rules
...
entries
Previously cache_min_ttl was used. But one can certainly set
cache_min_ttl to 0, but still ensure synthetic values have ttl.
Hence new config file options.
2019-10-21 18:12:49 +02:00
Frank Denis
92e632daf1
Fail on failure :)
2019-10-20 23:07:36 +02:00
Markus Linnala
1cb9a360de
fix: proxy: Add missing logging in a case where flow does not return
2019-10-20 22:27:30 +02:00
Frank Denis
74c1f4a00d
Use the relay for cert retrieval over TCP, tooo
...
But don't use a relay if a proxy has been specified already
2019-10-20 21:45:19 +02:00
Markus Linnala
fc9509a8c8
fix: proxy: Trigger query logging plugins using defer
...
This is more robust and uses lot less lines.
2019-10-20 21:30:24 +02:00
Frank Denis
320197a00e
Accept relay names in routes, improve documentation
2019-10-20 14:19:21 +02:00
Frank Denis
fbe9f225dd
Reencrypt on TCP retries
2019-10-20 02:04:32 +02:00
Frank Denis
d6b63aaf15
Pad certificate requests and add support for proxies
2019-10-19 22:08:02 +02:00
Alison Winters
ac6fd3db39
differentiate between timeout and other error for dnscrypt servers
2019-10-19 10:36:26 +02:00
Markus Linnala
0058bc063e
feature: service_linux: Support systemd watchdog
2019-10-19 09:36:39 +02:00