Frank Denis
|
d6be6f97ea
|
Update ChangeLog
|
2021-06-08 10:59:26 +02:00 |
Frank Denis
|
a85a003d2b
|
Filter relays by compatible type before selecting them
Fixes #1739
|
2021-06-08 10:52:06 +02:00 |
Frank Denis
|
5a9a6467df
|
Correctly check for empty/wrong relays
|
2021-06-08 10:27:03 +02:00 |
Frank Denis
|
ec581597a2
|
Require ODoH relays to be present
ODoH target stamps don't include certificate hashes; they are not
meant to be used directly.
|
2021-06-08 10:19:02 +02:00 |
Frank Denis
|
33ed882efe
|
Warn if fallback_resolvers is still in use
|
2021-06-08 09:53:53 +02:00 |
Frank Denis
|
b39232e996
|
this -> that
|
2021-06-08 01:14:11 +02:00 |
Frank Denis
|
9ebb90b22e
|
fallback -> bootstrap
|
2021-06-08 00:44:06 +02:00 |
Frank Denis
|
b1dd11be72
|
Dash
|
2021-06-07 19:05:15 +02:00 |
Frank Denis
|
6076e2dd03
|
www.msftncsi.com IPs update
|
2021-06-07 18:47:31 +02:00 |
Frank Denis
|
a0ecfd6a77
|
Thanks Chris!
|
2021-06-07 18:36:37 +02:00 |
Frank Denis
|
6c3cec2753
|
Accept warning for the direct ODoH test
|
2021-06-07 18:32:20 +02:00 |
Frank Denis
|
d0e27a1366
|
Update ChangeLog
|
2021-06-07 18:25:52 +02:00 |
Frank Denis
|
d5e9ed3aa9
|
Don't hardcode the HPKE cipher
|
2021-06-07 18:16:15 +02:00 |
Frank Denis
|
72a354caf9
|
Update go-hpke-compact
|
2021-06-07 18:11:58 +02:00 |
Frank Denis
|
45d3afc8f9
|
Call ObliviousDoHQuery() on the initial test
|
2021-06-07 17:32:34 +02:00 |
Frank Denis
|
e7f017c592
|
ODoH: try POST first, even without a relay
|
2021-06-07 17:19:56 +02:00 |
Frank Denis
|
4eab70b770
|
Indentation matters
|
2021-06-07 16:44:55 +02:00 |
Frank Denis
|
9263d1a01c
|
CI: odoh relays are not servers
|
2021-06-07 16:15:29 +02:00 |
Frank Denis
|
f8144f8db6
|
CI stamp update
|
2021-06-07 16:13:27 +02:00 |
Frank Denis
|
98ab4aee23
|
Update deps
|
2021-06-07 15:54:56 +02:00 |
Frank Denis
|
a2ebe0c4a4
|
dnscrypt-proxy/odoh.go -> dnscrypt-proxy/oblivious_doh.go
|
2021-06-07 15:53:11 +02:00 |
Frank Denis
|
e11b8b0c04
|
+ ODoH
|
2021-06-07 15:52:52 +02:00 |
Frank Denis
|
527c38ebc4
|
Update CI
|
2021-06-07 14:27:22 +02:00 |
Frank Denis
|
083fa0ad3c
|
Add an extra retry since ODoH servers are currently unstable
|
2021-06-07 13:49:37 +02:00 |
Frank Denis
|
f5a69c3bdc
|
Reduce delay
|
2021-06-07 13:46:44 +02:00 |
Frank Denis
|
9e96bbc20b
|
Continue, don't return
|
2021-06-07 13:44:08 +02:00 |
Frank Denis
|
a181a23263
|
Send a dummy initial query before RTT measurement in ODoH
|
2021-06-07 13:42:33 +02:00 |
Frank Denis
|
fad415f05a
|
Update example documentation
|
2021-06-07 13:37:08 +02:00 |
Frank Denis
|
29613096da
|
ODoH servers should not require a static configuration
|
2021-06-07 13:21:58 +02:00 |
Frank Denis
|
7980af6f46
|
Error propagation
|
2021-06-07 12:38:36 +02:00 |
Frank Denis
|
94151f9f96
|
Use ODoH relays in probes
|
2021-06-07 12:23:26 +02:00 |
Frank Denis
|
a11da2d4fb
|
ODoH: check certificate hashes
|
2021-06-07 12:09:27 +02:00 |
Frank Denis
|
e0483bbb27
|
Pretend not to always use the first ODoH config
|
2021-06-07 12:06:36 +02:00 |
Frank Denis
|
b35e27bd51
|
Shuffle ODoH target configs and use different NX queries
|
2021-06-07 12:05:42 +02:00 |
Frank Denis
|
4a4f69edb7
|
ODoH: only store working configurations
Actually, we only store the first one right now.
We should at least randomize them.
|
2021-06-07 12:02:21 +02:00 |
Frank Denis
|
96b05e57ca
|
Preliminary propoer ODoH initialization
|
2021-06-07 11:47:11 +02:00 |
Frank Denis
|
56f2e9adcc
|
server_name is ignored for x509 certs
|
2021-06-07 11:27:33 +02:00 |
Frank Denis
|
dc99f1bc2c
|
If you need this, implement it
|
2021-06-07 11:26:37 +02:00 |
Frank Denis
|
0d81fa2796
|
Remove doh_client_x509_auth stuf from fetchServerInfo
It doesn't belong there, and that feature doesn't do what it's
documented to do. It sets client certificates globally instead of
doing it per server.
|
2021-06-07 11:23:48 +02:00 |
Frank Denis
|
402860e2a6
|
ODoH broke DNSCrypt relays with wildcards - repair
|
2021-06-07 11:06:41 +02:00 |
Frank Denis
|
cd45f64c18
|
ODoH: until relay auto selection is implemented, pick random ones
|
2021-06-07 11:00:21 +02:00 |
Frank Denis
|
27a82c54c8
|
ODoH: handle relay IP addresses
|
2021-06-07 10:46:01 +02:00 |
Frank Denis
|
dce4db4c86
|
Construct net.URL directly
|
2021-06-07 10:08:55 +02:00 |
Frank Denis
|
525927e797
|
Don't use net/http
|
2021-06-07 10:05:20 +02:00 |
Frank Denis
|
3159bc3191
|
CI: use odoh-crypto-sx and odohrelay-fastly for testing ODoH
|
2021-06-06 22:42:33 +02:00 |
Frank Denis
|
e57d5173e9
|
Support GET in ODoH targets
|
2021-06-06 01:22:48 +02:00 |
Frank Denis
|
f542edacaa
|
ODoH: until detection is in place, without a relay, prefer GET
|
2021-06-06 01:15:28 +02:00 |
Frank Denis
|
92792f0e8b
|
Prevent remotely triggerable crash in ODoH config parser
|
2021-06-06 01:05:14 +02:00 |
Frank Denis
|
1cdb71cd7c
|
Avoid double slashes in ODoH relay URLs
|
2021-06-06 01:01:39 +02:00 |
Frank Denis
|
d2947cad75
|
Unbreak compilation
|
2021-06-06 00:14:56 +02:00 |