interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,223 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

97 Commits

Author SHA1 Message Date
wtoorop d436165a88 Merge pull request #112 from saradickinson/features/tls_auth 
Features/tls auth
 2015-08-17 12:53:38 +02:00
Willem Toorop 7c902bf73c Fix fallback failures fix ;) 2015-08-17 12:35:10 +02:00
Sara Dickinson dc7d7e7689 Fix openssl dependancy 2015-08-15 16:35:30 +01:00
Sara Dickinson 45de1f65b3 Update docs with details of OS X certificate handling. 2015-08-15 14:40:16 +01:00
saradickinson cb1dff1ac7 Add ability to verify server certificate using hostname for TLS/STARTTLS 
NOTE: This implementation will only work for OpenSSL v1.0.2 and later.
Doing it for earlier versions is totally insane:

  https://wiki.openssl.org/index.php/Hostname_validation
 2015-08-15 14:40:15 +01:00
Sara Dickinson ab60211020 Fix fallback failures. Add manual regression test script. 2015-08-12 11:42:02 +01:00
Willem Toorop 9daaa1638c One more event callback setting before clearance 2015-07-14 13:42:40 +02:00
Willem Toorop d4e932890a Do not reset event callbacks before clearing 2015-07-14 11:54:25 +02:00
Willem Toorop 70857ccc74 Proper handling of system stub query timeouts 2015-07-09 23:09:39 +02:00
Willem Toorop f066d5ef73 Merge branch 'features/native-stub-dnssec' into develop 
Conflicts:
	configure.ac
	src/stub.c
 2015-07-02 10:27:27 +02:00
Willem Toorop 8d5ac3afde Store dnsreq->name in wire format 2015-06-29 23:32:49 +02:00
Willem Toorop 407ecffb67 dnssec_status in netreqs 2015-06-29 22:23:01 +02:00
wtoorop 93e0237273 Merge pull request #106 from saradickinson/features/transport_fixups 
Features/transport fixups
 2015-06-29 21:09:47 +02:00
Sara Dickinson e5a80943e2 Turn fast open on by default. Fix build warning. 2015-06-29 11:54:31 +01:00
Sara Dickinson e20d679bc8 Improve TCP close handling and sync connection closing 2015-06-29 09:09:13 +01:00
wtoorop 9ac1ea39b8 Merge pull request #105 from saradickinson/features/transport_fallback 
Features/transport fallback
 2015-06-29 09:21:31 +02:00
Sara Dickinson 8c61ecd024 Finally fix problem with upstream walking that was causing intermittent crash. And fix sync idle timeouts. Again. 2015-06-26 16:14:04 +01:00
Sara Dickinson 8925fb22fc More bug fixes and tidy up 2015-06-26 14:27:21 +01:00
Sara Dickinson ddd90e29c5 Fix idle_timeout bug 2015-06-26 08:19:22 +01:00
Sara Dickinson cb5bbac26d Do better with unbound transport mapping and fix problems with sync fallback 2015-06-25 20:21:00 +01:00
Sara Dickinson 8819d29535 Implement TCP fallback and hack for lack of sync idle timeout. 2015-06-24 18:49:34 +01:00
Sara Dickinson c425f96e0b Fix TLS handshake for sync messages. 2015-06-23 15:39:56 +01:00
Willem Toorop 5c01df226c Init netreq dnssec status at netreq init time 2015-06-23 16:39:30 +02:00
Sara Dickinson 67e282edd1 More work on transport/upstream fallback. TLS and UDP fallback not working yet.... Probably need to maintain a current upstream for each transport to get this working properly 2015-06-22 18:02:28 +01:00
Sara Dickinson 57b163c790 Fix bug in STARTTLS timeout 2015-06-22 14:31:19 +01:00
Sara Dickinson b73b5b2792 Fix some bugs... 2015-06-21 16:55:12 +01:00
Sara Dickinson 635cf9e182 Re-factor of internal handing of transport list. 2015-06-19 18:28:29 +01:00
wtoorop d819bc901b Merge pull request #104 from saradickinson/features/transport_api 
Commit addition of transport list to the API.
 2015-06-18 22:02:46 +02:00
Sara Dickinson 68dfb15706 Add context idle timeout 2015-06-18 17:11:11 +01:00
Sara Dickinson 8dd8d90e74 Commit addition of transport list to the API. 
- set and get functions are added.
- Existing transport functions retained for backwards compatibility.
- Basic combinations work as before, but underlying functional changes and cleanup are not complete yet...
- Context level options for timeouts and max_transactions_per_tcp_connection coming soon...
 2015-06-17 17:18:09 +01:00
Willem Toorop 39639a86c4 Make dname_equal reusable 
+ some symbol renames
 2015-06-16 16:11:51 +02:00
Willem Toorop 97f0dddb1e remove ldns dependency from rr-dict.c 
Only dnssec.c left
 2015-06-12 13:51:36 +02:00
Willem Toorop e820452aaa Rm 2 outdated ldns usage cases 2015-06-11 11:21:12 +02:00
Willem Toorop d5f70ab904 rm spurious execute bits +unit test to detect them 
Thanks Paul Wouters
 2015-05-26 14:16:27 +02:00
Sara Dickinson 894cb1555b Fix intermittent crash for STARTTLS 2015-05-13 17:15:56 +01:00
Willem Toorop 98b3364b65 uniform debugging method + disable stub debugging 2015-05-13 12:47:17 +02:00
saradickinson 3ac5e660f9 Address few minor bugs pointed out by willem 2015-05-11 22:01:31 +02:00
Sara Dickinson 9a7bfdd45b Add trivial stub_debug functions. 2015-05-03 15:39:21 +01:00
Sara Dickinson 9d967317d3 Improve the timeout handling for TLS. 2015-05-03 15:11:46 +01:00
Sara Dickinson 01adce8299 Organise code in stub.c and add some utility methods. 2015-05-02 18:08:45 +01:00
Sara Dickinson d6d83b219d Make sure UDP only uses 1 upstream per IP address. Fix a couple of other bugs. 2015-04-30 19:07:49 +01:00
Sara Dickinson 450a3bc6ff Fix STARTTLS fallback. 2015-04-30 14:52:16 +01:00
Sara Dickinson 7905eda8b7 Some clean up of connection handling. Still a problem with STARTTLS fallback that needs fixing. 2015-04-30 12:24:13 +01:00
Sara Dickinson 79b3412fbf Add another transport option as proof of concept for STARTTLS. 2015-04-29 19:20:25 +01:00
Sara Dickinson b533bc59c5 Fix bug when fallback not available 2015-04-27 16:37:16 +01:00
Sara Dickinson 4e6e66fc77 Get sync messages working with new async code. 2015-04-27 15:32:57 +01:00
Sara Dickinson 3de15ad782 Change internal transport handling to use a list, not a fixed type 2015-04-24 16:29:08 +01:00
Sara Dickinson f2ae55858f First pass at making handshake async. Lots of issues with this code still 
- timeouts are not being rescheduled on fallback
- several error cases are not being handled correctly (e.g. 8.8.8.8) and a user callback is not always called
- the fallback mechanism is not generic (specific to tls to tcp)
 2015-04-23 17:46:31 +01:00
Sara Dickinson 6c7ffc4e4e 1) Fix enum mapping error. 
2) Also add detection of TLS 1.2 in openssl during configure and warn that it if not available then TLS will not be available. Using TLS_ONLY in stub mode will then error with BAD_CONTEXT. TLS/TCP will fallback to TCP.

3) Explicitly disallow use of TLS_ONLY in RECURSIVE mode since it isn't supported yet. TLS/TCP will fallback to TCP.

4) Fix for MAC OS X build where openssl not linked correctly
 2015-04-17 18:38:13 +01:00
Sara Dickinson ab4fb8d9e9 Enable GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN for libunbound. Should only be used in stub mode. 
GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN still just does TCP.
Also some tidy up of new transport types.
 2015-04-17 15:50:08 +01:00