miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,825 Commits 7 Branches 89 Tags 61 MiB
Commit Graph

1825 Commits

Author SHA1 Message Date
Frank Denis 29613096da ODoH servers should not require a static configuration 2021-06-07 13:21:58 +02:00
Frank Denis 7980af6f46 Error propagation 2021-06-07 12:38:36 +02:00
Frank Denis 94151f9f96 Use ODoH relays in probes 2021-06-07 12:23:26 +02:00
Frank Denis a11da2d4fb ODoH: check certificate hashes 2021-06-07 12:09:27 +02:00
Frank Denis e0483bbb27 Pretend not to always use the first ODoH config 2021-06-07 12:06:36 +02:00
Frank Denis b35e27bd51 Shuffle ODoH target configs and use different NX queries 2021-06-07 12:05:42 +02:00
Frank Denis 4a4f69edb7 ODoH: only store working configurations 
Actually, we only store the first one right now.

We should at least randomize them.
 2021-06-07 12:02:21 +02:00
Frank Denis 96b05e57ca Preliminary propoer ODoH initialization 2021-06-07 11:47:11 +02:00
Frank Denis 56f2e9adcc server_name is ignored for x509 certs 2021-06-07 11:27:33 +02:00
Frank Denis dc99f1bc2c If you need this, implement it 2021-06-07 11:26:37 +02:00
Frank Denis 0d81fa2796 Remove doh_client_x509_auth stuf from fetchServerInfo 
It doesn't belong there, and that feature doesn't do what it's
documented to do. It sets client certificates globally instead of
doing it per server.
 2021-06-07 11:23:48 +02:00
Frank Denis 402860e2a6 ODoH broke DNSCrypt relays with wildcards - repair 2021-06-07 11:06:41 +02:00
Frank Denis cd45f64c18 ODoH: until relay auto selection is implemented, pick random ones 2021-06-07 11:00:21 +02:00
Frank Denis 27a82c54c8 ODoH: handle relay IP addresses 2021-06-07 10:46:01 +02:00
Frank Denis dce4db4c86 Construct net.URL directly 2021-06-07 10:08:55 +02:00
Frank Denis 525927e797 Don't use net/http 2021-06-07 10:05:20 +02:00
Frank Denis 3159bc3191 CI: use odoh-crypto-sx and odohrelay-fastly for testing ODoH 2021-06-06 22:42:33 +02:00
Frank Denis e57d5173e9 Support GET in ODoH targets 2021-06-06 01:22:48 +02:00
Frank Denis f542edacaa ODoH: until detection is in place, without a relay, prefer GET 2021-06-06 01:15:28 +02:00
Frank Denis 92792f0e8b Prevent remotely triggerable crash in ODoH config parser 2021-06-06 01:05:14 +02:00
Frank Denis 1cdb71cd7c Avoid double slashes in ODoH relay URLs 2021-06-06 01:01:39 +02:00
Frank Denis d2947cad75 Unbreak compilation 2021-06-06 00:14:56 +02:00
Frank Denis 3cf5c1ab8e Limit the number of ODoH target configs 2021-06-05 18:35:45 +02:00
Frank Denis 06135b6141 Reduce MaxHTTPBodyLength 2021-06-05 18:29:13 +02:00
Frank Denis 44f3db31ee Just a safeguard 2021-06-05 17:57:48 +02:00
Frank Denis 0a1d3b725c Rename ODoHTarget to ODoHTargetConfig for clarity 2021-06-05 17:49:19 +02:00
Frank Denis 2cf29f9fab CI: check the tests after running them 
The ODoH tests don't seem to pass.
 2021-06-05 17:04:35 +02:00
Frank Denis e27419f73d x509.SystemCertPool() may fail 2021-06-03 20:59:05 +02:00
Frank Denis ddcc40c954 Hardcode Let's Encrypt ISRG X1 cert 
Some operating systems don't include it yet.

Thanks to @rs for the heads up
 2021-06-03 12:48:33 +02:00
Frank Denis 14ef11447e Pasto, thanks to @lifenjoiner 2021-05-13 10:30:57 +02:00
Frank Denis 6e8628f796 Print an error if a block/allow rule contains more than a pattern 
... and it is not a time range.
 2021-05-12 17:43:13 +02:00
Frank Denis 31f4d7aa03 Do not ignore ODoH encryption errors 2021-05-09 16:16:38 +02:00
Frank Denis f9cecd1215 Update miekg/dns 2021-05-07 20:28:25 +02:00
Frank Denis 30779a40a6 Remove sysctl list, which is now updated any more 
Fixes #1694
 2021-05-01 01:16:35 +02:00
Frank Denis 367b5062ec Add another IP block list 2021-04-30 20:51:22 +02:00
Frank Denis d751781996 Update deps 2021-04-27 14:28:39 +02:00
Frank Denis 58e1410e66 Nits 2021-04-17 16:42:18 +02:00
Frank Denis e2e32406fb Improve ODoH log messages 2021-04-17 16:41:10 +02:00
Christopher Wood 23588733ae
Synchronously update the target configuration upon failure. (#1671) 
* Synchronously update the target configuration upon failure.

* Notice a serverInfo failure when key updates fail.

* Add server name to debug logs.
 2021-04-17 16:35:55 +02:00
Frank Denis 9759dd90a2 Limit the number of dependabot pull requests 2021-04-14 18:26:38 +02:00
milgradesec 754c2bdb93
Create dependabot.yml (#1670) 2021-04-14 18:25:51 +02:00
Alison Winters eda8dd5181
replace TrimFunc(s, IsSpace) with TrimSpace for ASCII optimization (#1663) 2021-04-05 11:46:57 +02:00
Christopher Wood 03413eae2f
Add ODoH test files. (#1656) 2021-03-30 15:11:09 +02:00
Frank Denis 81692a3a80 Update xsecretbox again 2021-03-30 13:38:50 +02:00
Frank Denis 8213a96cd5 Revert "Remove the need for two chacha20 implementations" 
This reverts commit 8e8a4bd024.
 2021-03-30 12:29:07 +02:00
Frank Denis cee31b646e Update Go version in CI 2021-03-30 11:57:10 +02:00
Frank Denis 8e8a4bd024 Remove the need for two chacha20 implementations 2021-03-30 11:54:04 +02:00
Frank Denis 3efbacc0d4 Rename 2021-03-30 11:53:59 +02:00
Christopher Wood c748f93752 Add ODoH support. (#1653) 2021-03-30 11:53:51 +02:00
Frank Denis f7219b2bfa Recommend discussions 2021-03-30 10:56:01 +02:00