Un cache-proxy DNS con supporto a DoH, DNSCrypt e Anonymized DNSCrypt https://dnscrypt.info/
Go to file
Frank Denis dd9ada305b + README.md 2018-01-10 20:17:46 +01:00
dnscrypt-proxy Doc 2018-01-10 19:49:39 +01:00
.gitignore Add a config file 2018-01-10 12:02:09 +01:00
.travis.yml Add Travis 2018-01-10 17:27:48 +01:00
LICENSE Initial commit 2018-01-09 00:21:21 +01:00
README.md + README.md 2018-01-10 20:17:46 +01:00
glide.yaml Glide update 2018-01-10 19:33:51 +01:00

README.md

dnscrypt-proxy 2

A client implementation of the DNSCrypt protocol.

Current status/features

Features dnscrypt-proxy 1.x dnscrypt-proxy 2.x
Status Old PoC, barely maintained any more Very new, but quickly evolving
Code quality Big ugly mess Readable, easy to work on
Reliability Poor, due to completely broken handling of edge cases Excellent
Security Written in C, using patched system libraries Written in standard and portable Go
Dependencies Specific versions of libsodium, libldns and libtool None
Upstream connections using TCP Catastrophic, requires client retries Implemented as anyone would expect
Support of links with small MSS Unreliable due to completely broken padding Reliable, carefully implemented
Support for multiple servers Nonexistent Yes, with automatic failover and load-balancing
Custom additions C API, requiers libldns for sanity Clean Go structures using miekg/dns
AAAA blocking Yes Yes
DNS caching Yes, with ugly hacks for DNSSEC support Yes, without ugly hacks
EDNS support Broken with custom records Yes
Asynchronous filters Lol, no they block everything Of course, thanks to Go
Session-local storage for extensions Impossible Yes
Multicore support Nonexistent Yes, thanks to Go
Efficient padding of queries Couldn't be any worse Yes
Multiple local sockets Impossible Of course
Automatically picks the fastest servers Lol, it supports only one at a time, anyway Yes, out of the box

Planned features

  • New super simple (to copy&paste), extensible format for servers parameters: "stamps"
  • Automatic updates
  • Filtering with regexes
  • Offline responses
  • Local DNSSEC validation
  • Flexible logging
  • Windows support that doesn't suck
  • DNS-over-HTTP2
  • Some real documentation