miracle091/dnscrypt-proxy
miracle091/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2024-12-29 00:30:30 +01:00
Code Issues Releases Wiki Activity
820 Commits 5 Branches 89 Tags 62 MiB
da48434483
Commit Graph

820 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
encrypt.town
da48434483 regex isn't fully parsing the complicated csv file 
Not all URLs are extracted from the complicated csv file.
However, they do offer a txt file for the same list, which does work correctly with the current regex:
https://www.malwaredomainlist.com/forums/index.php?topic=3270.0
This url replacement pull request is easier than rewriting the entire regex (which then breaks other lists).
 2019-05-29 09:31:16 +02:00
Ferdinand Holzer
4e76cd2245 Rename cacheHit to hit in ltsv log 2019-05-28 23:14:28 +02:00
Ferdinand Holzer
14b464e56d Log whether response was served from cache 2019-05-28 23:14:28 +02:00
Ferdinand Holzer
af096f8488 Remove request forwarding measurement from log 2019-05-28 23:14:28 +02:00
Frank Denis
578c090890 Send an empty packet to the probe 
This seems to be required on Windows.

Also add the ability to wait for up to an hour.
 2019-05-28 13:22:11 +02:00
Ferdinand Holzer
da2e4b0b4b Change duration output in query log to milliseconds (#836) 2019-05-26 21:53:15 +02:00
Ferdinand Holzer
eab77ff871 Enhance logging (#834) 
* Enhance query logging

Add request duration, and forward duration if applicable.

* Also measure requests forwarded based on forwarding_rules
 2019-05-26 21:16:47 +02:00
Frank Denis
29a954f651 Snap: don't bother renaming the example config file 2019-05-24 23:03:06 +02:00
Frank Denis
ef3e4cb6ee snap: use classic confinement, copy config files, remove network-control 2019-05-24 22:59:51 +02:00
Simon R
f3e032f88a fix remaining urllib2 reference (#830) 2019-05-22 20:50:45 +02:00
igorljubuncic
0f3e8d32c6 Add support for building snaps (#820) 2019-05-22 17:43:47 +02:00
Simon R
bc5e4f0544 make generate-domains-blacklist.py compatible to both python2 and python3 (#828) 
* update domains-blacklist-all.conf: Quidsup NoTrack moved to gitlab

* make generate-domains-blacklist.py python3 compatible

* fix whitespace
 2019-05-22 10:15:08 +02:00
encrypt.town
dcce060ef2 Whitelist Server Source Domains (#829) 
A malicious blacklist, or accidental block, could prevent dnscrypt-proxy users from being able to fetch public resolvers and important certificate updates. Both URLs are taken from the default config:

[sources.'public-resolvers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
 2019-05-22 10:14:37 +02:00
Frank Denis
fb7f16c902 quidsup notrack moved to gitlab 
Thanks to @simonfxr for reporting this
 2019-05-21 20:29:02 +02:00
Frank Denis
0e2d78d21b Warn is DoH is requested but HTTP/2 is not supported 2019-05-12 09:55:13 +02:00
Frank Denis
50a2018633 Keep holding the read lock in the cloaking load-balancing code 
Maybe
fixes #807
 2019-05-02 23:53:47 +02:00
Frank Denis
02d07df43f Cloaking example: yandex.ru to familysearch.yandex.ru 2019-04-29 14:35:24 +02:00
Frank Denis
a8045e0a7a Bump 2019-04-28 23:26:33 +02:00
Frank Denis
71858bfc98 Update deps 2019-04-28 23:19:52 +02:00
Frank Denis
587a09b306 Add freebsd/armv7 target 
Fixes #792
Fixes #682
 2019-04-15 08:48:08 +02:00
Frank Denis
5c9edfccfe Ignore onion servers if Tor is not being used 2019-04-14 14:19:12 +02:00
Frank Denis
4940b34c76 Improve caching of server addresses, especially when using proxies 2019-04-14 13:46:07 +02:00
Frank Denis
d143ae5279 Set the main protocol to TCP when using a SOCKS proxy 2019-04-14 13:41:43 +02:00
Frank Denis
4b001e3b8e Skip DNS resolution on Tor services 2019-04-14 11:18:14 +02:00
Frank Denis
0a535e28ab Stop printing "crypto v1/v2", as both are equally secure 2019-04-08 08:30:43 +02:00
Frank Denis
25ac94e7b2 Revert "Add Stretch-Hash-and-Truncate option for extreme DNS privacy" 
This reverts commit 2d1dd7eaab.
 2019-04-02 01:57:48 +02:00
Frank Denis
2d1dd7eaab Add Stretch-Hash-and-Truncate option for extreme DNS privacy 
This works over DNSCrypt and DoH, but requires a specifically configured
server.

Instead of sending the actual DNS queries, the SH-T system works as follows:

Step 1: the client query is evaluated through Argon2id, a military-grade,
memory-hard, CPU-hard stretching function. This makes it very expensive
for an attacker to find the original query, even using GPUs and ASICs.
For post-quantum resistance, we use it to generate a 1024-bit key.

Step 2: in case the Argon2id algorithm has a vulnerability, or, since this
is a popular function used for hashing passwords and for cryptocurrencices,
and people may have built rainbow tables already, we use a hash function over
the result of the previous function. This immediately defeats rainbow tables.

Step 3: the output of the hash function is truncated to 64-bit.
Due to a property of this operation known as collision-misresistance, and even
if the previous steps fail due to a nation-state actor, it is impossible for a
server operator to prove what exact query was originally sent by a client.

This feature is experimental.
 2019-04-01 09:36:56 +02:00
Frank Denis
f744110d38 Bump 2019-04-01 08:24:58 +02:00
Frank Denis
674bd30d45 Update dependencies 2019-04-01 08:21:17 +02:00
Frank Denis
8b608403b1 Do not cache truncated messages 
Fixes #774
 2019-04-01 08:19:26 +02:00
Aleksandr Sergeev
a389067d29 Replace “find” with “findstr” in batches (#764) 
* Update service-install.bat

* Update service-restart.bat

* Update service-uninstall.bat
 2019-03-21 14:23:01 +01:00
Frank Denis
85abbeac61 Bump 2019-03-14 20:21:26 +01:00
Frank Denis
8076e206e0 Revert "Install the windows service as "NT AUTHORITY\NetworkService"" 
This reverts commit 17db0a658f.

On Windows, switching to user `NT AUTHORITY\NetworkService` apparently
breaks logging (reported by @Aland_123).
 2019-03-14 20:10:53 +01:00
Frank Denis
707098a922 Bump 2019-03-14 02:18:20 +01:00
Frank Denis
c16016b112 Update deps 2019-03-14 02:17:58 +01:00
Frank Denis
47853e73d0 Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy 
* 'master' of github.com:jedisct1/dnscrypt-proxy:
  Re-add a big download link in addition to the badge
  Fix Matrix badge and replace the latest release notice with a badge (#749)
  Add Matrix Chat Badge (#747)
 2019-03-14 02:00:19 +01:00
Frank Denis
26cc68b748 Make startup *way* faster, especially when using DoH 2019-03-14 01:59:57 +01:00
Frank Denis
7688059cfb Re-add a big download link in addition to the badge 
Pretty sure many people won't think about clicking on the badge.
 2019-03-06 18:14:16 +01:00
CHEF-KOCH
e9b4df38be Fix Matrix badge and replace the latest release notice with a badge (#749) 
* The shiels.io page seems to generate wrong links (sorry for that!) I reported it to the shields.io project to fix this ASAP.
* Replaced the "latest release" notice information with a badge which automatically fetches the latest "Release" which means no one has to manually edit the readme each time a new release was introduced.
 2019-03-06 18:10:01 +01:00
CHEF-KOCH
935c1dd9f8 Add Matrix Chat Badge (#747) 
* Add Matrix.org Chat badge
* Place the Travis build status badge together with the matrix chat badge under the main logo
 2019-03-06 02:15:20 +01:00
Frank Denis
b624f8ef58 Accept sdns: scheme without a namespace 2019-03-03 18:20:39 +01:00
Frank Denis
864476b835 Update Quidsup URLs 
Fixes #743
 2019-03-03 17:43:25 +01:00
corsmith
d1a337f64b logging enhancement CLOAK (#742) 2019-03-02 18:01:21 +01:00
Frank Denis
c3e29c2a60 Switch to Go modules 2019-03-01 18:44:37 +01:00
Frank Denis
0a65a658b6 Back to stable Go 2019-02-26 08:51:25 +01:00
Frank Denis
8899389d8b Store IP addresses, not references 2019-02-25 18:25:35 +01:00
Frank Denis
734483226b Support multiple IPs for a single cloaking rule 
Fixes #617
 2019-02-23 15:51:30 +01:00
Frank Denis
5dc66adaa9 Move disabled_server_names down 2019-02-23 14:55:23 +01:00
Frank Denis
c10fbb2aa7 + disabled_server_names 
Fixes #735
 2019-02-23 14:54:22 +01:00
Frank Denis
d0ca608cb7 Update deps 2019-02-23 13:44:05 +01:00