Commit Graph

1399 Commits

Author SHA1 Message Date
Willem Toorop 2c2359af61 Remove duplicate records in RRset before verifying
As suggested in RFC4034 section 6.3
2015-12-16 10:47:15 +01:00
Willem Toorop f88214ab76 Correct include path on json pointer test 2015-12-11 12:21:58 +01:00
Willem Toorop c0831dd598 Move json pointers test to tpkg test 2015-12-11 11:56:44 +01:00
Willem Toorop c1b4694931 Setup test env from individually ran test packages 2015-12-11 11:05:52 +01:00
Willem Toorop aa1c38eb4f Merge branch 'features/tpkg' into develop 2015-12-10 17:34:01 +01:00
Willem Toorop 426d59d767 Disable IPv6 only test, because travis containers
don't support IPv6 :-(.

See: https://blog.travis-ci.com/2015-11-27-moving-to-a-more-elastic-future

Disabled test: getdns_context_set_upstream_recursive_servers_10
2015-12-10 16:49:55 +01:00
Willem Toorop de490408cd Use the verisign IPv6 upstream
google's sometimes timeouts...
2015-12-10 16:26:40 +01:00
Willem Toorop 69aed75d57 Travid in containers 2015-12-10 15:53:43 +01:00
Willem Toorop 1bb5320957 What am I thinking! 2015-12-10 15:39:26 +01:00
Willem Toorop 155b2b0d7a Small path mistake 2015-12-10 15:35:34 +01:00
Willem Toorop 2675554f6a Don't configure before running tests
+ run tests in a separate directory
2015-12-10 15:32:29 +01:00
Willem Toorop 45d12a9f0b travis doesn't have libuv-dev 2015-12-10 14:14:43 +01:00
Willem Toorop 5a4628e6fe tpkg based testing 2015-12-10 11:55:32 +01:00
Willem Toorop 91d638e4cd ignore getdns.pc 2015-12-09 16:13:32 +01:00
Willem Toorop 9eae0968a7 Merge branch 'neilcook-pkg-config' into develop 2015-12-03 14:11:14 +01:00
Willem Toorop 5c5feeed05 Merge branch 'pkg-config' of https://github.com/neilcook/getdns into neilcook-pkg-config 2015-12-03 14:10:34 +01:00
Neil Cook acf2fea365 pkg-config support 2015-12-02 13:15:16 -05:00
Claus Assmann 93f9f4c7d3 configure problem with getdns-0.5.1 on OpenBSD
Sorry for not using "github" to report a problem but I don't have
an account there...

Anyway, it seems the order of the libraries ssl and crypto is wrong:
with -lcrypto -lssl configure fails to find ub_fd():
: undefined reference to `SRP_Calc_A'
changing it to
-lssl -lcrypto
resolves the problem (and matches the order elsewhere,
e.g., unbound).
2015-11-26 11:42:02 +01:00
Willem Toorop 10a28817d0 Bumb versions, but 0.5.1 should have been 0.6.0 2015-11-26 11:19:22 +01:00
Willem Toorop 157f988791 Bumb versions, set release date 2015-11-18 17:32:50 +02:00
Willem Toorop 08bf613cde Prevent segfault with failed TLS handshake?
Need proper review for this patch!  Sara?
2015-11-15 12:46:21 -05:00
Willem Toorop 95618bb3a7 Merge branch 'release/v0.5.1' of github.com:getdnsapi/getdns into release/v0.5.1 2015-11-14 20:01:48 -05:00
Willem Toorop afe5db6b55 Get validation chain avoiding roadblocks 2015-11-14 20:00:13 -05:00
wtoorop dace6f2453 Merge pull request #123 from saradickinson/bugfix/call_debugging_and_transports
Fix bug with call_debugging reporting of UDP and add a getter for tls…
2015-11-13 16:42:57 +01:00
Sara Dickinson 508127a856 Add missing file.... 2015-11-13 14:47:03 +00:00
Sara Dickinson d75ba83013 Fix bug with call_debugging reporting of UDP and add a getter for tls_authentication 2015-11-13 13:28:43 +00:00
Willem Toorop 1bb2daff1e ub_setup_recursing not used without libunbound 2015-11-11 14:03:16 +01:00
Willem Toorop f3f854b35f Few more ChangeLog thins 2015-11-11 13:52:02 +01:00
Willem Toorop b9f8f94361 Update ChangeLog and check versions 2015-11-11 12:40:23 +01:00
wtoorop b3ce2cd897 Merge pull request #122 from dkg/develop
move EDNS_PADDING_OPCODE to assigned codepoint
2015-11-06 06:53:26 +09:00
Daniel Kahn Gillmor 69de906746 move EDNS_PADDING_OPCODE to assigned codepoint
in
https://www.ietf.org/mail-archive/web/dns-privacy/current/msg01067.html
, Tim Wicinski says:

> The EDNS Option Code for padding (aka draft-mayrhofer-edns0-padding)
> is '12'
2015-11-06 06:29:01 +09:00
wtoorop 638bc9f7b1 Merge pull request #121 from saradickinson/feature/hackathon1
Fix seg fault on timeout
2015-11-05 17:37:43 +09:00
saradickinson 1a72454b88 Remove debug 2015-11-05 14:41:23 +09:00
saradickinson 5f60683f57 Fix seg fault on timeout 2015-11-05 14:41:23 +09:00
Willem Toorop e7439cdaae Revert "Revert "why do we link libgetdns.so to dlopen?""
This reverts commit 8b96cd2f40.
2015-11-05 09:25:17 +09:00
Willem Toorop 8b96cd2f40 Revert "why do we link libgetdns.so to dlopen?"
This reverts commit c0bd844403.
2015-11-05 07:56:38 +09:00
Daniel Kahn Gillmor c0bd844403 why do we link libgetdns.so to dlopen?
i noticed that libgetdns.so is being linked against libdl, but i don't
think we're using dlopen or any of the other functions exported from
ldl.

fwict, ./configure is adding -ldl because of m4/acx_openssl.m4, which
claims:

	# openssl engine functionality needs dlopen().
	BAKLIBS="$LIBS"
	AC_SEARCH_LIBS([dlopen], [dl])
	if test "$LIBS" != "$BAKLIBS"; then
		LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
	fi

However, we're not using OpenSSL Engine support directly.  If some
library user wants to initialize openssl's engine support, they should
be able to do that with OpenSSL itself, and then they should be able to
get libcrypto and/or libssl to use libdl directly.

On some minimal systems, libcrypto and libssl might be built without
engine support at all; in that case, libgetdns is adding a superfluous
dependency to the linker.

I don't know the what the getdns policy is about tweaking the files in
m4/, but maybe the following patch can be safely applied?
2015-11-05 07:54:47 +09:00
Willem Toorop c7f4fc3625 Fix disabling roadblock avoidance with configure 2015-11-05 07:43:33 +09:00
Willem Toorop 26566a3b00 Merge branch 'develop' of github.com:getdnsapi/getdns into develop 2015-11-04 23:25:49 +01:00
Willem Toorop 7f4bdc0868 Bumb versions 2015-11-04 23:25:38 +01:00
Willem Toorop eb4ba438f7 return_validation_chain + roadblock_avoidance bug 2015-11-05 07:11:51 +09:00
Willem Toorop 8a6f7d5b90 Merge branch 'develop' into features/dnssec_roadblock_avoidance 2015-11-04 17:49:21 +09:00
Willem Toorop 0c3eb08f4d Merge branch 'features/call_debug' into develop 2015-11-04 16:23:22 +09:00
Willem Toorop 3a19050413 Code review changes
Commented inline on github
2015-11-04 16:18:22 +09:00
wtoorop 7230031c0a Merge pull request #119 from dkg/ietf94-privacy-hackathon
Thank you dkg!  Great work!

Interestingly you've put the configuration of those two features at "context" level.  Since both options (just like cookies) relate to upstreams, I think they should be configurable per upstream as well  (perhaps using the context settings as the defaults, over-loadable by those upstream options).  With my cookie implementation, I've implemented activation with an extension, but cookies also relate to upstreams, so perhaps they should be enableable per upstream as well (and have a global over-loadable setting in context).

Cheers,
-- Willem
2015-11-02 16:26:25 +09:00
Gowri 1bccd56244 Name change on test server certificate 2015-11-02 03:05:17 +01:00
Daniel Kahn Gillmor c322a8a330 add -P flag to getdns_query for EDNS padding policy 2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor 83bf5ab08b actually implement tls_query_padding_blocksize
since no DNS OPT value has been allocated, i chose a random value in
the experimental/local range.
2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor 1457c1a2b5 stash tls_query_padding_blocksize in the dns_req from the context 2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor b3128652f4 add tls_query_padding_blocksize property for getdns_context
This is a parameter to the getdns_context that tells the context how
much to pad queries that go out over TLS.

It is not yet functional in this commit, but the idea is to pad each
outbound query over TLS to a multiple of the requested blocksize.

Because we only have a set amount of pre-allocated space for dynamic
options (MAXIMUM_UPSTREAM_OPTION_SPACE), we limit the maximum
padding blocksize.

This is a simplistic padding policy.  Suggestions for improved padding
policies are welcome!
2015-11-01 15:49:56 +09:00