Frank Denis
af0833387a
Close idle connections after an error; reduce idle connections timeout
2018-02-05 19:03:04 +01:00
Frank Denis
7f5d67881b
Add a super secret way to print cert hashes
...
Not so secret. The purpose is to avoid log pollution, while still
allowing people setting up DoH servers to quickly view the
certificate chain.
2018-02-05 13:24:17 +01:00
Frank Denis
5c52199ee1
draft 3 says queries should use "dns", previous drafts said "body"
...
Send both until servers adjust :/
2018-02-05 11:36:15 +01:00
Frank Denis
43f3e64bd9
DoH: fallback to GET on servers that don't support POST
2018-02-05 11:30:10 +01:00
Frank Denis
8a7569555c
Don't warn if lbStrategy is empty
2018-02-05 01:53:23 +01:00
Frank Denis
a43352e160
Make the load-balancing strategy configurable
2018-02-04 21:23:39 +01:00
Frank Denis
88434fc39f
Prepare support for multiple load balancing strategies
2018-02-04 21:13:54 +01:00
Frank Denis
f319088506
restrict. is too restrictive
2018-02-04 15:20:17 +01:00
Frank Denis
6f546b4c21
Use Cache-Control
2018-02-04 13:48:51 +01:00
Frank Denis
6b49470b95
Update deps, include cachecontrol
2018-02-04 13:48:40 +01:00
Frank Denis
ed60976dd2
Infer TTL from Date: and Expire: headers
...
Unfortunately, Google DNS sets Expire: to the same value as Date:
So we may want to use Cache-Control instead.
2018-02-04 13:35:40 +01:00
Frank Denis
458da8fa77
DoH: use 0 as a transaction ID
...
Reject short TCP queries early by the way
2018-02-04 12:57:54 +01:00
Frank Denis
2eed62f1e2
Add a setMaxTTL() function
...
Will be useful to interprete HTTP cache headers in DoH
2018-02-04 12:39:33 +01:00
Frank Denis
454e1bdfbc
Link to the latest draft of DNS-over-HTTPS
2018-02-04 12:20:26 +01:00
Frank Denis
a4b70fa56d
Last released candidate, so people can test cloaking
2018-02-04 12:00:24 +01:00
Frank Denis
9d69811de9
Add limits to HTTP requests
2018-02-04 11:33:04 +01:00
Frank Denis
9ee7e522b1
Proper stamps length check
2018-02-04 11:04:29 +01:00
Frank Denis
cfeb25a4c2
cloak: decrement TTL
2018-02-04 09:36:57 +01:00
Frank Denis
d005a76dc4
Add some comments
2018-02-04 02:29:09 +01:00
Frank Denis
18167c0f47
If we already performed a resolution before, even partial, don't retry
...
(at least until the TTL expires)
So, if www.google.com is cloaked, and forcesafesearch returns a A
record but no AAAA, return the cloaked A record for A queries, but
don't return the actual AAAA record for AAAA queries: return a
synthetic empty response instead.
2018-02-04 02:22:38 +01:00
Frank Denis
5c18c51116
We need to manage the TTL properly, but in the meantime, reduce log verbosity
2018-02-04 02:12:45 +01:00
Frank Denis
1e066e69b3
Import a cloaking example file
2018-02-04 01:57:18 +01:00
Frank Denis
033931a13a
Add a new powerful plugin: DNS cloaking
2018-02-04 01:43:37 +01:00
Frank Denis
e62dd27593
Use https for the remote source example
...
This can be changed back to http on platforms that don't have a clock
2018-02-03 22:01:09 +01:00
Frank Denis
93810e60d7
Set the default source refresh delay to 3 days
2018-02-03 18:55:46 +01:00
Frank Denis
588d8dabde
rc2
2018-02-03 12:53:43 +01:00
Frank Denis
faf80cd6f7
Recompress the logo
2018-02-03 12:15:24 +01:00
Frank Denis
f513ab21fa
Check if the config file exists from the current directory
...
Try the executable directory if it fails
Then, go to that config file directory no matter what
Fixes #80
2018-02-03 10:46:47 +01:00
Frank Denis
67b0d95ea1
Reduce log verbosity when ignore_system_dns = true
...
Fixes #81
2018-02-03 10:25:41 +01:00
Frank Denis
db973f1aa9
Merge pull request #78 from mastad0n/patch-5
...
Fix mirror 404
2018-02-02 20:43:31 +01:00
Frank Denis
118ec5e0f0
Merge pull request #79 from mastad0n/patch-6
...
fix mirror 404
2018-02-02 20:43:19 +01:00
mastad0n
d2a0cdf0c7
fix mirror 404
2018-02-02 11:28:40 -08:00
mastad0n
1feada737e
Fix mirror 404
2018-02-02 11:27:59 -08:00
Frank Denis
cb911e6ed0
Add missing golang-lru files
2018-02-02 18:18:38 +01:00
Frank Denis
a7ecb1a4a3
Update golang-lru
2018-02-02 17:46:45 +01:00
Frank Denis
1fcb0acc77
Merge pull request #77 from Zirkelite/systemd-service-update
...
Update systemd service to pull nss-lookup.target in.
2018-02-02 16:04:06 +01:00
Adrián Laviós Gomis
821646e7a4
Update systemd service to pull nss-lookup.target in.
...
According to systemd.special(7), nss-lookup.target is a Special Passive System Unit. This means that services depending on its functionality should order themselves after the target with an After= type dependency, but should not have a Wants= dependency for them. Therefore, nss-lookup.target should be pulled in by the providing services instead, or the consumer services will never be able to order themselves after the providing services since nss-lookup.target would not be pulled in at any point in the boot process. dnscrypt-proxy.service provides name lookup functionality, and has a Before= dependency on nss-lookup.target. However, it should have a Wants= dependency on it as well in order to indicate readiness of name lookup functionality.
2018-02-02 15:51:38 +01:00
Frank Denis
17c1806da3
Match blacklist.txt naming example
...
And match the configuration file format.
Fixes #74
2018-02-02 15:27:44 +01:00
Frank Denis
9dd68637fa
Merge pull request #75 from mastad0n/patch-1
...
Change to .toml format
2018-02-02 15:23:33 +01:00
Frank Denis
763f088eab
Merge pull request #76 from mastad0n/patch-4
...
Typo :)
2018-02-02 15:22:50 +01:00
mastad0n
06cf0cc1f7
Typo :)
2018-02-02 06:20:07 -08:00
mastad0n
79d6a9aa93
Change to .toml format
...
:)
2018-02-02 06:17:44 -08:00
Frank Denis
dc070d56a4
Add nofilter to Google
2018-02-02 15:08:33 +01:00
Frank Denis
c5283061cf
Properly remove the default port
2018-02-02 15:07:12 +01:00
Frank Denis
e4e351b854
Clear ServerName for -list-all
...
Suggested by @glitsj16, thanks!
Fixes #71
2018-02-02 14:51:14 +01:00
Frank Denis
bf56644a49
Add a -list-all switch; add IPv6 & port number info to the JSON output
2018-02-01 21:48:46 +01:00
Frank Denis
fe2bb3847b
Update Travis for the new example file names
2018-02-01 19:01:02 +01:00
Frank Denis
c2fb372112
Rename example files
2018-02-01 18:28:53 +01:00
Frank Denis
13952ffb1a
Do not consider the absence a listening sockets an error
...
Because systemd.
Fixes #64
2018-02-01 16:59:48 +01:00
Frank Denis
ac22f8a046
typo
2018-02-01 12:37:13 +01:00