Amit
2a6a1852f1
Cache Plugin: return non-fixed TTL for cached entries
2018-02-09 17:59:04 +02:00
Frank Denis
c42ae840db
Merge pull request #107 from Bitti09/master
...
switched to https version when available
2018-02-08 16:21:17 +01:00
Bitti09
a4e4c9da8e
switched to https version when available
2018-02-08 16:18:40 +01:00
Frank Denis
063a9b6957
Remove Solaris test builds
2018-02-07 23:37:56 +01:00
Frank Denis
148b19cfd1
Use Go 1.10rc2
2018-02-07 22:50:38 +01:00
Frank Denis
dfe68118c6
Don't suggest that URLs are optional in the example config file
...
This is confusing, and virtually everybody needs to specify
URLs no matter what.
Fixes #101
2018-02-07 10:48:41 +01:00
Frank Denis
16c75172ad
Remove "starting"
...
Fixes #97
2018-02-06 19:33:58 +01:00
Frank Denis
453299e49a
2.0.0 final
2018-02-06 16:13:06 +01:00
Frank Denis
d644cf0c41
Move servers down
2018-02-06 16:11:53 +01:00
Frank Denis
6863ab66d5
Update dlog
2018-02-06 16:07:54 +01:00
Frank Denis
404c21816e
Use a more permanent URLm even if it's a redirect
2018-02-06 14:27:45 +01:00
Frank Denis
f6b6d70615
Add knobs to filter by protocol
2018-02-06 14:11:58 +01:00
Frank Denis
31c16c0dbb
Nits
2018-02-05 19:25:52 +01:00
Frank Denis
af0833387a
Close idle connections after an error; reduce idle connections timeout
2018-02-05 19:03:04 +01:00
Frank Denis
7f5d67881b
Add a super secret way to print cert hashes
...
Not so secret. The purpose is to avoid log pollution, while still
allowing people setting up DoH servers to quickly view the
certificate chain.
2018-02-05 13:24:17 +01:00
Frank Denis
5c52199ee1
draft 3 says queries should use "dns", previous drafts said "body"
...
Send both until servers adjust :/
2018-02-05 11:36:15 +01:00
Frank Denis
43f3e64bd9
DoH: fallback to GET on servers that don't support POST
2018-02-05 11:30:10 +01:00
Frank Denis
8a7569555c
Don't warn if lbStrategy is empty
2018-02-05 01:53:23 +01:00
Frank Denis
a43352e160
Make the load-balancing strategy configurable
2018-02-04 21:23:39 +01:00
Frank Denis
88434fc39f
Prepare support for multiple load balancing strategies
2018-02-04 21:13:54 +01:00
Frank Denis
f319088506
restrict. is too restrictive
2018-02-04 15:20:17 +01:00
Frank Denis
6f546b4c21
Use Cache-Control
2018-02-04 13:48:51 +01:00
Frank Denis
6b49470b95
Update deps, include cachecontrol
2018-02-04 13:48:40 +01:00
Frank Denis
ed60976dd2
Infer TTL from Date: and Expire: headers
...
Unfortunately, Google DNS sets Expire: to the same value as Date:
So we may want to use Cache-Control instead.
2018-02-04 13:35:40 +01:00
Frank Denis
458da8fa77
DoH: use 0 as a transaction ID
...
Reject short TCP queries early by the way
2018-02-04 12:57:54 +01:00
Frank Denis
2eed62f1e2
Add a setMaxTTL() function
...
Will be useful to interprete HTTP cache headers in DoH
2018-02-04 12:39:33 +01:00
Frank Denis
454e1bdfbc
Link to the latest draft of DNS-over-HTTPS
2018-02-04 12:20:26 +01:00
Frank Denis
a4b70fa56d
Last released candidate, so people can test cloaking
2018-02-04 12:00:24 +01:00
Frank Denis
9d69811de9
Add limits to HTTP requests
2018-02-04 11:33:04 +01:00
Frank Denis
9ee7e522b1
Proper stamps length check
2018-02-04 11:04:29 +01:00
Frank Denis
cfeb25a4c2
cloak: decrement TTL
2018-02-04 09:36:57 +01:00
Frank Denis
d005a76dc4
Add some comments
2018-02-04 02:29:09 +01:00
Frank Denis
18167c0f47
If we already performed a resolution before, even partial, don't retry
...
(at least until the TTL expires)
So, if www.google.com is cloaked, and forcesafesearch returns a A
record but no AAAA, return the cloaked A record for A queries, but
don't return the actual AAAA record for AAAA queries: return a
synthetic empty response instead.
2018-02-04 02:22:38 +01:00
Frank Denis
5c18c51116
We need to manage the TTL properly, but in the meantime, reduce log verbosity
2018-02-04 02:12:45 +01:00
Frank Denis
1e066e69b3
Import a cloaking example file
2018-02-04 01:57:18 +01:00
Frank Denis
033931a13a
Add a new powerful plugin: DNS cloaking
2018-02-04 01:43:37 +01:00
Frank Denis
e62dd27593
Use https for the remote source example
...
This can be changed back to http on platforms that don't have a clock
2018-02-03 22:01:09 +01:00
Frank Denis
93810e60d7
Set the default source refresh delay to 3 days
2018-02-03 18:55:46 +01:00
Frank Denis
588d8dabde
rc2
2018-02-03 12:53:43 +01:00
Frank Denis
faf80cd6f7
Recompress the logo
2018-02-03 12:15:24 +01:00
Frank Denis
f513ab21fa
Check if the config file exists from the current directory
...
Try the executable directory if it fails
Then, go to that config file directory no matter what
Fixes #80
2018-02-03 10:46:47 +01:00
Frank Denis
67b0d95ea1
Reduce log verbosity when ignore_system_dns = true
...
Fixes #81
2018-02-03 10:25:41 +01:00
Frank Denis
db973f1aa9
Merge pull request #78 from mastad0n/patch-5
...
Fix mirror 404
2018-02-02 20:43:31 +01:00
Frank Denis
118ec5e0f0
Merge pull request #79 from mastad0n/patch-6
...
fix mirror 404
2018-02-02 20:43:19 +01:00
mastad0n
d2a0cdf0c7
fix mirror 404
2018-02-02 11:28:40 -08:00
mastad0n
1feada737e
Fix mirror 404
2018-02-02 11:27:59 -08:00
Frank Denis
cb911e6ed0
Add missing golang-lru files
2018-02-02 18:18:38 +01:00
Frank Denis
a7ecb1a4a3
Update golang-lru
2018-02-02 17:46:45 +01:00
Frank Denis
1fcb0acc77
Merge pull request #77 from Zirkelite/systemd-service-update
...
Update systemd service to pull nss-lookup.target in.
2018-02-02 16:04:06 +01:00
Adrián Laviós Gomis
821646e7a4
Update systemd service to pull nss-lookup.target in.
...
According to systemd.special(7), nss-lookup.target is a Special Passive System Unit. This means that services depending on its functionality should order themselves after the target with an After= type dependency, but should not have a Wants= dependency for them. Therefore, nss-lookup.target should be pulled in by the providing services instead, or the consumer services will never be able to order themselves after the providing services since nss-lookup.target would not be pulled in at any point in the boot process. dnscrypt-proxy.service provides name lookup functionality, and has a Before= dependency on nss-lookup.target. However, it should have a Wants= dependency on it as well in order to indicate readiness of name lookup functionality.
2018-02-02 15:51:38 +01:00