Frank Denis
4029d3d4f3
proxy.dropPrivilege() doesn't return on success
2020-04-26 14:49:43 +02:00
Frank Denis
3c510b74bb
Start listeners as goroutines
2020-04-26 14:26:40 +02:00
Frank Denis
c6b2869317
Update Poly1305 dep
2020-04-26 13:03:48 +02:00
Frank Denis
4a50736457
Only start accepting connections after everyting has been initialized
...
Fixes #1295
And more. The estimator, key and servers list were not initialized either.
2020-04-26 12:52:55 +02:00
Frank Denis
7d0e1440e1
ESNI has been renamed to ECHO
2020-04-24 11:15:40 +02:00
Frank Denis
252b10c996
Remove blacklisted names due to globbing patterns
...
This is very clumsy, as it doesn't handle time-based rules properly,
and doesn't handle whitelists at all.
Adding globs to the "names" list is also an ugly hack just to have
them included in the final output.
2020-04-22 17:55:24 +02:00
Frank Denis
a71b531d2e
Re-add -o / --output-file
2020-04-21 23:40:58 +02:00
Frank Denis
dcd6f8448d
Revert "Improve generate-domains-blacklist.py to remove redundant lines ( #1184 )"
...
This reverts commit 58871de725
.
2020-04-21 23:08:40 +02:00
Huhni
58871de725
Improve generate-domains-blacklist.py to remove redundant lines ( #1184 )
...
* Improve script to remove redundant lines
Let the script remove those lines that are covered by regular expressions already
* add optional "-o OUTPUT_FILE" argument
This ensures that UTF-8 is used.
The redirect to file functionality from before is maintained, because "default=None" is used for the -o argument
I also fixed the formatting slightly to avoid newlines at the beginning of the file.
* improve glob matching
- rename regexes into globs
- only check trusted (local) files for globs
- use fnmatch instead of manually converting globs into regular expressions and matching them
- modify is_glob function to check only for the following characters: * [ ] ?
- improve get_lines_with_globs function, by using the native filter and lambda functions
- improve covered_by_glob function, by checking if line is part of glob_list, instead of calling is_glob again
- print "ignored entries due to globs in local-additions" to the output as well to better differentiate from other duplicates
2020-04-21 23:07:32 +02:00
Frank Denis
9519472bbe
Don't print the proxy version in the child
2020-04-20 12:34:59 +02:00
Frank Denis
6f2dcb900a
Drop privileges early
...
Fixes #1265
2020-04-20 12:27:53 +02:00
Frank Denis
b6b7ed3a67
Dropping privileges doesn't work reliably on MacOS
2020-04-20 11:50:27 +02:00
Frank Denis
abfd195e51
Use Kadhosts without controversies
...
Fixes #1288
2020-04-19 17:55:46 +02:00
Frank Denis
69a7d832c4
Remove lists that are pretty much empty
2020-04-19 17:52:16 +02:00
Frank Denis
ccc91e28a3
Try enabling energized blu by default
...
Quite a lot of domains in that list don't exist any more, though.
2020-04-19 17:46:18 +02:00
Frank Denis
900ed13ff1
Remove banbenek's list
2020-04-19 17:39:53 +02:00
Frank Denis
dd522bb726
Merge branch 'master' of github.com:DNSCrypt/dnscrypt-proxy
...
* 'master' of github.com:DNSCrypt/dnscrypt-proxy:
use global 'timeout' option for forwarding queries (#1284 )
2020-04-18 21:18:53 +02:00
Frank Denis
2779d92f01
Add some blacklists
2020-04-18 21:18:40 +02:00
29f
f71244ed74
use global 'timeout' option for forwarding queries ( #1284 )
...
* Update plugins.go
* Update plugin_forward.go
2020-04-17 20:57:23 +02:00
Frank Denis
4f41fc3fee
Add Geoffrey Frogeye's block list
2020-04-12 23:34:15 +02:00
Frank Denis
527764aba7
Upper case
2020-04-05 20:50:28 +02:00
Kiril Angov
d2602fd142
Respect proxy.mainProto in forward plugin ( #1259 )
...
* Respect proxy.mainProto in forward plugin
* Make the serverProtocol part of pluginsState instead
2020-04-05 20:49:30 +02:00
Frank Denis
f4631b9121
Remove unreachable code
...
Spotted by @komapa
2020-04-05 20:48:00 +02:00
Linuxfreak
76f6d02e52
Change URL of Block Spotify ads ( #1266 )
...
The url of the Spotify-HOSTS.txt is changed. Path of "/filter/" is now "/filters/"
2020-04-04 22:18:21 +02:00
Frank Denis
5930b45116
Farewall host-files.net domain list
...
Fixes #1262
2020-04-02 14:56:38 +02:00
kimw
4ce28473f4
Update example-ip-blacklist.txt ( #1264 )
...
fix https://github.com/DNSCrypt/dnscrypt-proxy/issues/1261 . remove `[` & `]`.
2020-04-02 14:55:18 +02:00
Frank Denis
f6b9706322
This reverts commit 876e389a0a
.
...
April 1st is almost over :)
2020-04-01 21:55:17 +02:00
Frank Denis
876e389a0a
Make doh.nsa.gov the default DNS server
2020-04-01 12:22:52 +02:00
Frank Denis
17fbad3648
Update deps
2020-04-01 12:15:13 +02:00
Frank Denis
1ff31f14f1
Remove the ct parameter from DoH queries
...
That was a workaround for Google, but Google doesn't seem to need
it any more.
2020-04-01 12:12:57 +02:00
Frank Denis
eb372e7ce5
First release using GitHub Actions: success! Farewell, Travis.
2020-03-26 18:53:35 +01:00
Frank Denis
89dd0de6af
Update ChangeLog
2020-03-26 18:38:15 +01:00
Frank Denis
8fc2f00ffb
Probably older than version 1.4.0
2020-03-26 18:33:39 +01:00
Frank Denis
3ca80afb19
packets -> client queries
2020-03-26 17:25:52 +01:00
Frank Denis
74095d38ed
Remove LargerResponsesDropped
...
dnsdist drops DNSCrypt queries shorter than 256 bytes, interpreting them
as not being encrypted instead. This is surprising when doing ad-hoc
testing, but absolutely fine, and we will never send shorter encrypted
queries on normal circumstances.
So, remove a useless knob.
2020-03-26 17:20:34 +01:00
Frank Denis
fb04a62470
ChangeLog
2020-03-26 15:39:48 +01:00
Frank Denis
b3fbc2304d
All dnsdist servers exhibit the same behavior re: sending truncated responses
...
A 128 bytes query will not get a 200 bytes response (randomly tested on
3.tlu.dl.delivery.mp.microsoft.com), not even a truncated one.
It may be related to fragments being blocked on the server socket, or a
different issue. We can expect everything to be back to normal in dnsdist
1.5.0 no matter what.
2020-03-26 15:19:17 +01:00
Frank Denis
5049516f53
Add an option to ignore servers incompatible with anonymization
2020-03-26 13:41:57 +01:00
Frank Denis
7621737dde
Improve debugging
2020-03-26 13:30:39 +01:00
Frank Denis
9542109d66
Cancel dnsExchange goroutines as soon as we have a best response
2020-03-26 12:53:22 +01:00
Frank Denis
ad36321dc8
Add cleanbrowsing until dnsdist 1.5.0 is out
2020-03-26 12:31:12 +01:00
Frank Denis
98e53c4013
Replace Travis status badge with the GitHub Action badge
2020-03-26 11:15:12 +01:00
Frank Denis
c54e8a2c60
Goodbye Travis, let's switch to GitHub Actions!
2020-03-26 11:02:19 +01:00
Frank Denis
8896787e66
Add other dnsdist servers until the MTU issue is fixed
...
https://github.com/PowerDNS/pdns/pull/7410
2020-03-26 10:57:09 +01:00
Frank Denis
9f65457b1c
Wait a little bit more between UDP attempts
2020-03-26 10:37:56 +01:00
Frank Denis
1d090eb194
Unfortunately, blocking stats.* has too many implications
2020-03-25 20:33:36 +01:00
Frank Denis
7424f1a8b7
Try harder to work around Cisco and Quad9 bugs
2020-03-25 20:10:11 +01:00
Frank Denis
64935c9b92
Bump
2020-03-25 18:24:25 +01:00
Frank Denis
0860245c73
Nits
2020-03-25 18:24:03 +01:00
Frank Denis
25b89e57ae
Add Quad9 back to the list of servers with broken padding
2020-03-25 18:11:16 +01:00