37ebc1db0e
Replace @NET session with @SFC 2>&1 | FIND /i "/SCANNOW" >NUL
...
Fixes #336
2018-04-09 15:38:00 +02:00
fbfa8f9aab
Do stop/start for restart
2018-04-09 15:36:19 +02:00
aa538969a3
New beta
2018-04-09 13:27:02 +02:00
44880f9b2c
Patterns are now fully supported in cloaking rules
...
Fixes #306
2018-04-09 13:26:50 +02:00
7d10628a5f
New syntax for blocking/whitelisting rules: exact matching
...
Example: =example.com
Matches `example.com` but not `api.example.com`
2018-04-09 13:02:42 +02:00
de6a8d230e
Use PolyChaCha, but more importantly, RSA by default
...
Even on non-ARM systems, this makes a difference in CPU usage/latency
2018-04-09 12:45:42 +02:00
1a4d34dc55
Add golang.org/x/net/http2 to the dependencies
2018-04-09 11:56:49 +02:00
751f049136
Merge branch 'master' of github.com:jedisct1/dnscrypt-proxy
...
* 'master' of github.com:jedisct1/dnscrypt-proxy:
minor (#330 )
2018-04-09 03:13:05 +02:00
ca80b69b3a
Re-implement ephemeral keys for DNSCrypt
2018-04-09 03:12:34 +02:00
70dca19326
Clarify
2018-04-09 02:57:30 +02:00
b23a0fa007
minor ( #330 )
...
updated IETF draft link to version 5, updated the "official name" of the proposed protocol, which is indeed "DNS over HTTP" without S or 2.
2018-04-08 20:29:21 +02:00
172159c00a
Use Go 1.10.1
2018-04-08 08:48:48 +02:00
4439040bc8
patternMatcher: initialize the indirectVals map
2018-04-08 08:42:02 +02:00
10baa245b2
Clarify
2018-04-07 23:27:57 +02:00
fcdf7d7e55
Update ChangeLog
2018-04-07 23:14:15 +02:00
517538bdb2
Less ###
2018-04-07 23:05:29 +02:00
65e6b8569e
Implement whitelists
...
Fixes #293
2018-04-07 23:02:40 +02:00
ceb2d55afd
Move time range things to their own file
2018-04-07 22:36:30 +02:00
77d1b6d075
Spacing
2018-04-07 22:33:40 +02:00
fbe91ee58b
No need to initialize xTransport before we have all the parameters
2018-04-07 22:33:11 +02:00
dee7960be6
Bump keepalive up
2018-04-07 22:26:46 +02:00
1fa3e5d7f3
Add options to set the cipher suite as well as disable session tickets
2018-04-07 22:23:29 +02:00
a4366b0593
Update deps
2018-04-07 17:14:53 +02:00
10986aba62
Add a MemUsage() helper
2018-04-07 17:05:55 +02:00
5c86191e43
Use critibitgo
2018-04-07 16:59:10 +02:00
58c7ff3d2f
We may not have a schedule for every rule
2018-04-06 20:18:15 +02:00
105cb2c525
Make the pattern-matching code reusable
2018-04-06 20:14:19 +02:00
8217170a7b
Revert "Do not consider SERVFAIL responses as server failures"
...
This reverts commit 0e65c50989
2018-04-06 13:43:09 +02:00
2d27eabf95
Revert "Add a -v flag"
...
This reverts commit d8c95aaca8
2018-04-06 03:03:27 +02:00
d8c95aaca8
Add a -v flag
...
Fixes #317
But makes me grumpy, because -v usually means `verbose` to me.
2018-04-06 03:01:42 +02:00
0e65c50989
Do not consider SERVFAIL responses as server failures
2018-04-06 02:47:58 +02:00
a938eeff7b
Mainly revert 869d44c30e
...
Fixing #304 doesn't look trivial
The service module needs to know the arguments right away.
The arguments haven't been parsed yet. And if we do, we will prevent
further arguments to be added to the set. Including the ones added
by the service module itself.
So, we have quite of a circular dependency here.
If someone with some Go knowledge can fix that, that would be amazing.
But it's probably never going to happen.
Meanwhile, we can try to save the current directory and document
that we have to be in that directory when running the install command.
Which is not going to work on Windows, so this is a big fucking mess
2018-04-03 20:15:33 +02:00
c88e480a15
Include the -config option in the installed service
...
Untested on Linux and Windows. Fear.
Fixes #304
2018-04-03 19:42:27 +02:00
869d44c30e
Reorder
2018-04-03 17:59:15 +02:00
f0a690701d
Print "additional certificate" when a server has multiple valid certs
...
This doesn't mean anything but looks less confusing than having the
same message twice
Fixes #303
2018-04-02 20:55:42 +02:00
d4367393c4
Add some links
2018-04-02 01:55:22 +02:00
308ffff739
Make the keepalive configurable
...
Fixes #300
2018-04-02 01:49:09 +02:00
b71e04c64e
Update miekg/dns to v1.0.5
2018-04-02 00:10:55 +02:00
e210fc537e
Ignore the Cache-Control: max-age header
...
What's in the DNS packet is a better source of truth.
There was also an inconsistency between the TTL from the
max-age header (as returned in a response that wasn't cached) and
a response from the cache (using TTLs from the DNS packet).
So, just use what's in the packet.
Reported by @vavrusam, thanks!
2018-04-01 21:41:36 +02:00
2dedd3a314
em dash
2018-04-01 17:19:39 +02:00
2147a3a95f
Make this less confusing
2018-04-01 17:19:03 +02:00
f3e3ff01c8
Nits
2018-04-01 17:14:44 +02:00
22da6ca8da
Add some links
2018-04-01 17:13:53 +02:00
adb0c94a61
April 1st is already over in some time zones :)
...
This reverts commit dac52ab42a
2018-04-01 16:35:32 +02:00
dac52ab42a
Completely remove support for the DNSCrypt protocol
2018-04-01 04:04:12 +02:00
2dcf5fe01a
Skip the signature in the example Google stamp
...
Example configuration files are updated less often than sources
2018-04-01 03:50:10 +02:00
d812a9bdc3
Revert to 9.9.9.9 as the example fallback resolver
...
Just in case some networks do stupid things with 1.1.1.1 already.
2018-03-30 22:24:19 +02:00
a2160189af
Welcome to 1.1.1.1
2018-03-30 21:30:06 +02:00
be84399ffc
Do not assume that the kernel supports IPv6
2018-03-29 16:30:35 +02:00
5cc4663081
Bump
2018-03-29 11:22:20 +02:00
Frank Denis
Massimiliano Fantuzzi HB3YOE