interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,149 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

184 Commits

Author SHA1 Message Date
Willem Toorop d7099f6e30 Deal with DoT servers that take long to connect to 
(because they might be under attack)
 2020-02-21 14:17:00 +01:00
Willem Toorop b22768709a Runtime fallback and FreeBSD compatible TFO 2019-04-03 12:24:09 +02:00
Jim Hague 3fe0c94357 Merge branch 'develop' into feature/abstract-tls 2019-01-14 19:09:20 +00:00
Willem Toorop bb99321e57 More constness for issue #410 2018-12-07 16:34:03 +01:00
Willem Toorop 8a7226baee Move from debugging to logging for 
- upstream_stats & stub system
 2018-12-07 14:02:17 +01:00
Willem Toorop a1692359f3 RFE #408: Retry fetching of TA after backoff time 2018-12-03 12:27:31 +01:00
Willem Toorop c1f51815ba RFE #408: "dnssec" extension requiring DNSSEC 
When this extension is set, GETDNS_DNSSEC_INDETERMINATE status will no
longer be returned.
 2018-11-30 14:20:12 +01:00
Willem Toorop 1904ee7318 Enhancement getdnsapi/stubby#56 & getdnsapi/stubby#130 
Configurable TLS version
 2018-11-21 15:02:28 +01:00
Willem Toorop 6a5e96d4e1 tls_ciphersuites + bugfix in strdup2!! 2018-11-20 16:13:57 +01:00
Jim Hague d9fdd4c10d Abstracting TLS; let's start with context only. 
Change data types in context.h and fix up context.c. Do minimal fixups to stub.c.
 2018-11-15 11:01:13 +00:00
Robert Groenenberg a0fb2c8424 Limit back_off value to avoid very long retry interval 2018-03-05 12:01:52 +01:00
Willem Toorop 223e85bc02 Merge branch 'features/tls_curves_list' into release/1.4.0 2018-02-12 16:04:49 +01:00
Willem Toorop 401aa2e3b8 Specify the supported curves with TLS 2018-02-12 15:40:17 +01:00
Jim Hague 3666d994a7 Add 'keepalive' test and supporting changes to getdns library. 
Checking for server support for keepalive means we need to know if the server did send a keepalive option to the client. This information is not currently exposed in getdns, so add a flag 'server_keepalive_received' to call_reporting. This is 0 if not received, 1 if received. If received, the actual timeout is in 'idle timeout in ms', though watch out for the overflow alternative.
 2018-01-17 15:17:20 +00:00
Willem Toorop 97cc67d026 s/CApath/tls_ca_path/g s/CAfile/tls_ca_file/g 2017-12-21 13:08:01 +01:00
Willem Toorop ae38a29a50 Upstream specific tls_cipher_list's 2017-12-21 12:30:15 +01:00
Willem Toorop 8f88981efe rename set_cipher_list() to set_tls_cipher_list() 2017-12-21 11:35:05 +01:00
Willem Toorop 7fe3bd6a1f getdns_context_set_ciphers_list() 2017-12-20 13:13:02 +01:00
Willem Toorop 5f1a2f8659 Merge branch 'features/CA_verify_locations' into release/1.2.2 2017-12-13 14:49:42 +01:00
Willem Toorop da3f023d8f set_CApath() and set_CAfile() for alt verify locs 2017-12-12 15:10:37 +01:00
Willem Toorop 96ed06c6a9 Initialize context with given resolv.conf and hosts files 
- getdns_context_create with set_from_os set will simply call these
  functions with the defaults

+ filechg_check is simplified somewhat (reducting memory management)
+ get OpenSSL version version via get_api_information()
 2017-12-12 12:24:31 +01:00
Willem Toorop c0a3babe0a Separate sys_ctxt for meta queries 2017-11-23 12:44:40 +01:00
Willem Toorop ed6c7a6b58 getdns_context_create2 and family that set an ... 
... alternative resolvconf file
 2017-11-22 15:49:30 +01:00
Willem Toorop a7a6240202 Set default resolvconf and hosts during configure 2017-11-22 15:01:38 +01:00
Willem Toorop f8e1ed78b8 Make upstream_reset static (and not shared between .c files) 2017-10-19 12:48:58 +02:00
Willem Toorop 23daf9aac3 Fix TLS authentication 2017-09-28 22:17:36 +02:00
Willem Toorop 114b5785f7 Doxygen documentation for Zero configuration DNSSEC 
+ rename of getdns_context_(get|set)_trust_anchor_*()
         to getdns_context_(get|set)_trust_anchors_*()
 2017-09-22 12:25:56 +02:00
Willem Toorop da2aa634d3 Make appdata_dir configurable + 
settings via getdns_context_config()
 2017-09-21 17:06:29 +02:00
Willem Toorop 34d35f9e79 Track updating TA's with root DNSKEY rrset 2017-09-20 10:30:13 +02:00
Willem Toorop 463855d274 Writability test for application data 2017-09-16 18:16:21 +02:00
Willem Toorop 57e6487d76 Some more fixes specific to travis 2017-09-14 16:02:37 +02:00
Willem Toorop 8c4ed6294e Merge branch 'develop' into features/zeroconf-dnssec 2017-09-14 12:27:47 +02:00
Willem Toorop 8f3ce9af35 Configurable zero configuration DNSSEC parameters 2017-09-13 14:00:54 +02:00
Willem Toorop 8aa46b305d Merge branch 'develop' into features/zeroconf-dnssec 2017-09-11 11:09:58 +02:00
Sara Dickinson 42945cfc08 Make the backoff time incrementally increase until the upstream starts working again 2017-09-08 17:28:37 +01:00
Sara Dickinson 2e4e3873e4 First pass at fixing problems when connections to servers are lost. 
Need to reset connection state if connections fail at setup and on read/write if there are no more messages queued.
This means we will back-off servers that fail, so we should think about using a shorter backoff default in stubby
because otherwise temporarily loss of the network connection will mean having to restart stubby.
Also some minor changes to logging.
 2017-09-06 11:05:08 +01:00
Willem Toorop 11138ff678 Also register application set trust anchors 2017-07-01 01:00:40 +02:00
Willem Toorop 2b20f35e0e Write fetched trust anchor 2017-07-01 00:05:20 +02:00
Willem Toorop f9bdedbf84 Reconnect on pipelining failure 2017-06-30 22:00:14 +02:00
Willem Toorop 3e6c5775ff Fetch and equip context with trust-anchors 2017-06-30 10:18:07 +02:00
Willem Toorop 742588dd6f Merge branch 'develop' into hackathon/zeroconf-dnssec 2017-06-29 11:09:30 +02:00
Willem Toorop fb267938c3 Start with fetching root-anchors remotely 
Also lays the foundation for looking up upstreams by name and DANE authentication of upstreams.
 2017-06-28 20:35:30 +02:00
Willem Toorop 04e554086a A configurable log function 
Currently used only for DAEMON_DEBUG
 2017-06-27 00:23:22 +02:00
Willem Toorop 7ea3beaa6a Equip context with xml read trust anchors 2017-06-22 12:27:20 +02:00
Willem Toorop e496d13777 Start with getting files from user area 2017-06-20 15:38:32 +02:00
Willem Toorop 5d12545391 Bugfix in handling UDP backing off 2017-03-22 10:52:55 +01:00
wtoorop 52e3d2e1b0 Merge pull request #265 from saradickinson/feature/new_settings 
Feature/new settings
 2017-03-20 22:25:52 +01:00
Willem Toorop ed0d4d044c Merge remote-tracking branch 'upstream/develop' into features/mdns-client 2017-03-20 16:42:24 +01:00
Sara Dickinson 6f7bad5d73 Add new configuration parameters for TLS back off time and connection retries 2017-03-17 17:26:18 +00:00
Sara Dickinson 1d4e3dd790 Update the name of the new option to 'round_robin_upstreams' 2017-03-17 16:53:03 +00:00