1
0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2024-12-13 22:46:44 +01:00
Commit Graph

105 Commits

Author SHA1 Message Date
Frank Denis
b4356b9fc8 Update deps 2019-11-29 00:06:14 +01:00
Frank Denis
578f359f23 Update kardianos/service 2019-11-17 22:54:56 +01:00
Frank Denis
071dceef31 Update deps 2019-11-17 19:50:40 +01:00
Frank Denis
568376ea13 Update deps 2019-11-14 22:34:38 -05:00
William Elwood
4324a09fc9 Fix failing tests on Windows
To simulate failures opening a cache file, fixtures are written without the read permission bits.
Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions.
Thankfully, there's a library to abstract that already.
2019-11-08 10:17:12 +01:00
William Elwood
af0629856c Add unit tests for sources.go
Tests cover most of the cache and download related code paths and specify the expected result of various starting states and external failure modes.
Where the current code's behaviour doesn't match a test's expectations, the test is disabled and annotated with a TODO until it can be fixed.
Added dependency on `github.com/powerman/check` and ran `go mod vendor`.
2019-11-08 10:17:12 +01:00
William Elwood
503bfb877b go mod tidy
```console
$ go mod tidy -v
(snip)
unused github.com/agl/ed25519
```
Also add base .gitattributes file to normalize line endings in the repository across differing developer environments.
2019-11-08 10:17:12 +01:00
Frank Denis
e6a4a4ffda Update deps 2019-11-05 01:32:38 +01:00
Frank Denis
c5bda9e2ae Update deps 2019-10-31 18:00:44 +01:00
Frank Denis
d17b572b75 Update deps 2019-10-26 16:51:14 +02:00
Frank Denis
e6b9f3c2c0 Update go-dnsstamps 2019-10-14 10:50:09 +02:00
Frank Denis
67f46b3c3e Update go-dnsstamps 2019-10-14 02:24:04 +02:00
Frank Denis
aaf493714b Service fix for Catalina 2019-10-12 22:05:46 +02:00
Frank Denis
d2db6b55a8 Update deps 2019-10-12 21:22:15 +02:00
Frank Denis
8c147c7efd Manually pin dependency revisions 2019-09-09 18:45:42 +02:00
Frank Denis
e49823d328 More deps update 2019-09-09 18:08:44 +02:00
Frank Denis
1a06806477 Revert "Use CIRCL for X25519. That makes ephemeral key computation faster."
This reverts commit 5d130cdf0b.

Revert "Kill nacl/box"

This reverts commit dd9cf5cc9a.
2019-09-09 17:43:30 +02:00
Frank Denis
5c9c20c974 swizzle 2019-09-07 16:26:31 +02:00
Frank Denis
cef00d5d0b Update deps 2019-09-07 11:04:40 +02:00
Frank Denis
9b33aba757 Update deps 2019-07-06 18:03:41 +02:00
Frank Denis
dd9cf5cc9a Kill nacl/box 2019-06-24 19:13:34 +02:00
Frank Denis
d80e72365f Update deps 2019-06-24 14:55:34 +02:00
Frank Denis
5d130cdf0b Use CIRCL for X25519. That makes ephemeral key computation faster. 2019-06-24 14:17:00 +02:00
Frank Denis
14d6345d6b Deps update 2019-06-04 09:51:48 +02:00
Frank Denis
11311d663d Update deps 2019-06-02 13:25:06 +02:00
Frank Denis
f8415c4a4b Update deps 2019-05-31 22:49:25 +02:00
Frank Denis
71858bfc98 Update deps 2019-04-28 23:19:52 +02:00
Frank Denis
25ac94e7b2 Revert "Add Stretch-Hash-and-Truncate option for extreme DNS privacy"
This reverts commit 2d1dd7eaab.
2019-04-02 01:57:48 +02:00
Frank Denis
2d1dd7eaab Add Stretch-Hash-and-Truncate option for extreme DNS privacy
This works over DNSCrypt and DoH, but requires a specifically configured
server.

Instead of sending the actual DNS queries, the SH-T system works as follows:

Step 1: the client query is evaluated through Argon2id, a military-grade,
memory-hard, CPU-hard stretching function. This makes it very expensive
for an attacker to find the original query, even using GPUs and ASICs.
For post-quantum resistance, we use it to generate a 1024-bit key.

Step 2: in case the Argon2id algorithm has a vulnerability, or, since this
is a popular function used for hashing passwords and for cryptocurrencices,
and people may have built rainbow tables already, we use a hash function over
the result of the previous function. This immediately defeats rainbow tables.

Step 3: the output of the hash function is truncated to 64-bit.
Due to a property of this operation known as collision-misresistance, and even
if the previous steps fail due to a nation-state actor, it is impossible for a
server operator to prove what exact query was originally sent by a client.

This feature is experimental.
2019-04-01 09:36:56 +02:00
Frank Denis
674bd30d45 Update dependencies 2019-04-01 08:21:17 +02:00
Frank Denis
c16016b112 Update deps 2019-03-14 02:17:58 +01:00
Frank Denis
b624f8ef58 Accept sdns: scheme without a namespace 2019-03-03 18:20:39 +01:00
Frank Denis
c3e29c2a60 Switch to Go modules 2019-03-01 18:44:37 +01:00
Frank Denis
d0ca608cb7 Update deps 2019-02-23 13:44:05 +01:00
Frank Denis
31d6b0b879 Update deps 2018-11-22 17:26:43 +01:00
Frank Denis
9c17f476f3 Update deps 2018-11-15 13:38:08 +01:00
Frank Denis
8be1fef464 Update deps for BSD 2018-10-03 18:36:19 +02:00
Frank Denis
76fdb51c38 Update deps for Go 1.11 2018-10-02 18:06:43 +02:00
Frank Denis
40f2dc6a7d Apply kardianos/service PR #144 2018-08-23 00:25:56 +02:00
Frank Denis
e3d5f3e6e5 Update deps 2018-08-23 00:23:59 +02:00
Frank Denis
7740e9d3bc Update dep and deps 2018-08-10 01:39:33 +02:00
Frank Denis
35e4d36f67 Add sys/unix for pledge 2018-07-07 20:39:04 +02:00
Frank Denis
648c0df016 Update deps 2018-07-07 20:35:02 +02:00
Frank Denis
4a3be6086e Update deps 2018-07-05 15:44:04 +02:00
Frank Denis
02888adff3 Deps update 2018-06-26 15:40:08 +02:00
Frank Denis
7f8b8d043e Remove old daemonization code
We will be able do it using fork+exec
2018-06-13 17:31:47 +02:00
Frank Denis
8d99e95288 Update deps 2018-06-13 16:52:04 +02:00
Frank Denis
5b1fc8da2a Update deps 2018-06-06 16:10:10 +02:00
Frank Denis
cdfe7ba673 Deps update 2018-05-31 19:08:31 +02:00
Frank Denis
b9764f8248 Add minisign/.travis 2018-05-19 10:44:10 +02:00