interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,319 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

1714 Commits

Author SHA1 Message Date
Willem Toorop c2edc94a3a Clear timeout event when getting dnssec chain 
With full recursion
 2017-04-06 15:18:12 +02:00
Willem Toorop e35a2182a9 missing #include 2017-04-06 12:24:27 +02:00
Willem Toorop 4ceec33d08 Do something about TLS renegotiation. 2017-04-06 11:46:10 +02:00
Willem Toorop e08d3592a0 Schedule timeout when collecting for dnssec chain 2017-04-06 11:20:08 +02:00
Willem Toorop f8c7d8b5d5 Network request submission and callback reporting 2017-04-05 22:43:27 +02:00
Willem Toorop 2220c1a48d Options for request debugging 2017-04-05 17:53:39 +02:00
Willem Toorop 67baa1d651 getdns_context_unset_edns_maximum_udp_payload_size 2017-04-05 12:37:48 +02:00
Willem Toorop edecca8b63 smime verification of root-anchors.xml in ~/.getdns 2017-03-27 09:21:29 -05:00
wtoorop fe49bc1c69 Merge pull request #279 from dkg/feature/padding-policy 
Implement sensible default padding policy.
 2017-03-27 08:19:31 -05:00
Daniel Kahn Gillmor f2a90925bc getdns-query: S is no longer a valid transport label. 2017-03-26 14:38:43 -05:00
Daniel Kahn Gillmor 9de4d6537b Implement sensible default padding policy. 
This commit changes the semantics of tls_query_padding_blocksize()
slightly.  Where previously both 0 and 1 meant "no padding", this
commit changes 1 to mean "pad using a sensible policy".

At NDSS 2017's DNS privacy workshop, I presented an empirical study of
DNS padding policies:

https://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017/dns-privacy-workshop-2017-programme#session3

The slide deck is here:
https://dns.cmrg.net/ndss2017-dprive-empirical-DNS-traffic-size.pdf

The resulting recommendation from the research is that a simple
padding policy is relatively cheap and still protective of metadata
when DNS traffic is encrypted:

 * queries should be padded to a multiple of 128 octets
 * responses should be padded to a multiple of 468 octets

Since getdns is only currently doing queries over tls, we only have to
implement the first part of this policy :)
 2017-03-26 14:37:28 -05:00
Willem Toorop f4fe2cb6c5 Merge branch 'develop' into hackathon/zeroconf-dnssec 2017-03-26 10:46:50 -05:00
wtoorop 148dfabf88 Merge pull request #276 from huitema/develop 
Fixing the select and poll event loops for Windows
 2017-03-26 10:20:48 -05:00
Willem Toorop 03efb66991 Keep connections open with sync requests too 2017-03-26 10:16:25 -05:00
huitema 6f0b08a400 Fixing the select event loop so it does not give up for naked timers in Windows. 
Making sure the poll event loop works on windows.
Fixing the poll event loop so it does not give up for naked timers in Windows.
 2017-03-26 10:07:44 -05:00
Willem Toorop 8864dfce92 Merge branch 'develop' into hackathon/zeroconf-dnssec 2017-03-25 20:37:36 -05:00
Willem Toorop 007208a122 Merge branch 'develop' of github.com:getdnsapi/getdns into develop 2017-03-25 20:22:54 -05:00
Willem Toorop 9fa6ab5994 Clang pragma's with clang only 2017-03-25 20:22:34 -05:00
Willem Toorop b7d16e3c89 One more leak 2017-03-25 17:00:02 -05:00
Willem Toorop 6316c558bc typo 2017-03-25 21:45:08 +01:00
Willem Toorop 3eb6ebf5e4 Fix memory leak 2017-03-25 21:33:30 +01:00
Willem Toorop 5f6e47d091 Only equip with peer cert when transport is TLS 2017-03-25 21:26:05 +01:00
Willem Toorop a2efd8f6c1 Report peer certificate in call_reporting 2017-03-25 19:36:20 +01:00
Willem Toorop 767ca21bc0 Debugging for anchor management 2017-03-25 19:02:51 +01:00
Willem Toorop ed0b655af0 Update doxygen 2017-03-25 06:45:02 -05:00
Willem Toorop 15b451d71b Recommit parts of "Minor fixes in MDNS code to make sure it does work after the recent loop tightening." 2017-03-23 13:09:34 +01:00
Willem Toorop 2a496969cd Fixes for mdns 2017-03-23 12:53:44 +01:00
Willem Toorop c275b205d3 Create doxygen tagfile 2017-03-23 10:58:18 +01:00
Willem Toorop f67314c1c1 Unbound event API without header compile fix 2017-03-22 14:36:16 +01:00
Willem Toorop 426fc238da Fixes for FreeBSD warnings when compiling tests 
/usr/local/include/check.h:454:75: warning: token pasting of ',' and __VA_ARGS__ is a GNU extension [-Wgnu-zero-variadic-macro-arguments]
     _ck_assert_failed(__FILE__, __LINE__, "Assertion '"#expr"' failed" , ## __VA_ARGS__, NULL)
/usr/local/include/check.h:454:75: warning: token pasting of ',' and __VA_ARGS__ is a GNU extension [-Wgnu-zero-variadic-macro-arguments]
 2017-03-22 14:10:15 +01:00
Willem Toorop b2ac3849b7 Fxies for two NetBSD compiler warnings 
ubkey-pinning.c -o pubkey-pinning.lo
./pubkey-pinning.c: In function '_getdns_verify_pinset_match':
./pubkey-pinning.c:385: warning: 'prev' may be used uninitialized in this function
IX_C_SOURCE=200112L -D_XOPEN_SOURCE=600 -c ./context.c -o context.lo
./context.c: In function '_getdns_upstream_shutdown':
./context.c:760: warning: comparison between signed and unsigned
 2017-03-22 13:50:11 +01:00
Willem Toorop b48a92c8f5 Max OS-X and FreeBSD multicast portability 2017-03-22 12:33:13 +01:00
Willem Toorop a7c824c756 Update changelog and documentation 2017-03-22 11:52:07 +01:00
Willem Toorop 5d12545391 Bugfix in handling UDP backing off 2017-03-22 10:52:55 +01:00
Willem Toorop fa99b206e8 Updated readme & new groups for doxygen 2017-03-21 12:28:48 +01:00
Willem Toorop fe446a0d66 Minor fixes 2017-03-20 23:17:44 +01:00
wtoorop 52e3d2e1b0 Merge pull request #265 from saradickinson/feature/new_settings 
Feature/new settings
 2017-03-20 22:25:52 +01:00
Willem Toorop a5876d57fe Dependencies 2017-03-20 21:58:45 +01:00
Willem Toorop a77a335370 Comment out dead assignement 
To silence static code analysis
 2017-03-20 21:57:57 +01:00
Willem Toorop 24abf43de1 Fit mdns code with pending dns netreqs on EMFILE 2017-03-20 21:33:19 +01:00
Willem Toorop ed0d4d044c Merge remote-tracking branch 'upstream/develop' into features/mdns-client 2017-03-20 16:42:24 +01:00
Willem Toorop a3fe958387 Sync with unbound 2017-03-20 16:41:57 +01:00
Willem Toorop 0048066a2a Test op coding practices 2017-03-20 16:15:02 +01:00
Willem Toorop 0891e16147 Pend netreqs when out of filedescriptors 2017-03-20 15:20:17 +01:00
Willem Toorop 8b09633c94 Bug and mem-leak fix 2017-03-20 11:03:15 +01:00
Christian Huitema ed66edf52a Making sure that the project compiles on Windows when HAVE_MDNS_SUPPORT is present. 
Moving the 2 additional LRU functions from mdns.c to lruhash.c
Defining the 2 additional functions in lruhash.h
 2017-03-17 12:19:54 -07:00
Sara Dickinson 1cf39c9134 Typo 2017-03-17 18:33:33 +00:00
Sara Dickinson d8f4aebdee Merge branch 'feature/parallel_upstreams' into feature/new_settings 2017-03-17 17:48:52 +00:00
Sara Dickinson 915689141b Fix symbol order 2017-03-17 17:47:30 +00:00
Sara Dickinson 68eadedc10 Fix rogue bracket 2017-03-17 17:35:47 +00:00
Sara Dickinson 6f7bad5d73 Add new configuration parameters for TLS back off time and connection retries 2017-03-17 17:26:18 +00:00
Sara Dickinson dd76132a92 Implement round robin for UDP. Not sure this is the best option though. Noticed it results in more timeouts if one resolver isn't responding because it is retried more frequently. Willem - please review. 2017-03-17 17:16:14 +00:00
Sara Dickinson 1d4e3dd790 Update the name of the new option to 'round_robin_upstreams' 2017-03-17 16:53:03 +00:00
Sara Dickinson 6734a00d59 Improve the logging 2017-03-17 11:25:47 +00:00
Sara Dickinson 2a1a6768cb Add unit test and catch a typo 2017-03-16 16:26:34 +00:00
Sara Dickinson f0f3c43552 - Add a new mode where for TLS (and infact TCP too) the upstream selection simply cycles over all the upstreams rather than treating them as an ordered list and always using the first open one. 
- Make IP field in debug output fixed width
- Collect all the one line config options at the top of the stubby.conf file to make it easier to read
 2017-03-16 14:51:46 +00:00
Willem Toorop 5ea181172a Reschedule pending netreqs 2017-03-15 15:16:42 +01:00
Willem Toorop 14c9f3aafc Track netreqs "in flight" 2017-03-14 17:17:56 +01:00
Willem Toorop b8f43c8acd Mention the number of simultaneous queries in error (and success) 2017-03-14 15:20:56 +01:00
Willem Toorop 0655a08fa7 Unit test for set_limit_outstanding_queries 2017-03-14 15:03:43 +01:00
Willem Toorop 639239f45c Schedule dnsreqs with absolute timeout/expiry time 2017-03-13 14:20:47 +01:00
Willem Toorop 79ce0cff85 Make mdns compile on Linux 2017-03-09 14:36:20 +01:00
Willem Toorop f1968d1e2c Merge branch 'devel/ub-symbol-mapping' into features/mdns-client 2017-03-09 13:09:56 +01:00
Willem Toorop 82c92f8dc7 Better dependency rewriting 2017-03-09 13:02:05 +01:00
Willem Toorop f751de696a Import lruhash and lookup3 from unbound 2017-03-09 12:08:53 +01:00
Willem Toorop 5b5123a79d HAVE_PTHREAD instead of HAVE_PTHREADS like unbound 2017-03-09 11:46:15 +01:00
Willem Toorop 5a2ee50de3 Have a define for any debugging 2017-03-09 11:40:39 +01:00
Willem Toorop dd656b7421 More comprehensible auxiliary directory names 
(in src/util)
 2017-03-09 10:44:38 +01:00
Willem Toorop 0ecaf163d9 Update original source directly 2017-03-08 23:14:24 +01:00
Willem Toorop e02442eb98 Original val_secalgo files + symbol mapping 2017-03-08 23:04:52 +01:00
Willem Toorop ec685e900d Map rbtree symbols 2017-03-08 22:10:22 +01:00
Willem Toorop de1ab4c8a4 Merge branch 'develop' into huitema-develop 2017-03-06 16:07:12 +01:00
Christian Huitema 4058529081 First version of the MDNS multicast client that actually works. 2017-03-03 16:52:02 -08:00
Willem Toorop 09baade016 Print pinsets Bas64 too 
+ bugfix in reading base64
+ base64 pinsets in stubby.conf
 2017-02-28 07:28:18 -08:00
Willem Toorop 6a9e2f4a56 Base64 primitive in json input 2017-02-27 16:22:52 -08:00
Willem Toorop bbd2fb8cf0 Although safe, a bit scary 2017-02-27 14:30:44 -08:00
Christian Huitema 03307a7b71 Code almost complete for the MDNS multicast + cache. 
Of course, we still need a lot of testing.
 2017-02-23 17:55:31 -08:00
Sara Dickinson 7c8605c3b1 And fix the whitespace... 2017-02-23 17:03:00 +00:00
Sara Dickinson f71dd2bf71 Re-order so checks pass! 2017-02-23 16:50:29 +00:00
Sara Dickinson ebdf657fd7 Change pins for IPv6 addresses for Sinodun privacy servers! 
Improve logging of auth failure
 2017-02-23 16:48:16 +00:00
Sara Dickinson ff4ecd5b39 Couple of extra output messages so Stubby users in strict mode know why the authentication failed 2017-02-23 15:38:45 +00:00
Sara Dickinson 1b7aef5a88 Add a new GETDNS_RETURN code for the case where no upstream is considered valid and hence a query cannot even be scheduled. Only applies when using purely stateful transports. This can happen when using Stubby if there are problems with connections to upstreams. 2017-02-23 14:49:17 +00:00
Sara Dickinson 356408955d Update the SPKI pin in the stubby.conf file for the Sinodun/Surfnet servers. 2017-02-23 13:55:43 +00:00
Sara Dickinson 09df4e2d5d Fix spacing error in stubby help output 2017-02-23 13:55:43 +00:00
Willem Toorop 4b6962cd9a Use __FUNC__ instead of function for protability 
It is #defined to __FUNCTION__ or to __func__ depending on what configure detected.
 2017-02-19 09:55:10 +01:00
Willem Toorop b3a06f1944 A bit more consistency in user_callback usage 2017-02-19 09:47:41 +01:00
Willem Toorop 8fccd66813 cancel_outstanding_requests by transaction_id 
to prevent double frees as side effect of getdns_dns_req being canceled by user callbacks.
 2017-02-19 09:39:10 +01:00
Willem Toorop ba7dfbeec0 Misplaced event clear in stub.c 2017-02-18 15:56:06 +01:00
Willem Toorop 74b1f77357 Cancel get validation chain getdns_dns_reqs 
And miscellaneous little other scheduling fixes and optimizations
 2017-02-18 13:16:25 +01:00
Willem Toorop a453678094 Debug the call to poll 2017-02-18 10:07:04 +01:00
Willem Toorop 7e9956b19e Call cancel callbacks only when callback exists 2017-02-17 23:39:35 +01:00
Willem Toorop 6ed3d77523 Cancel child validation chain dns_reqs on ... 
parent dns_req cancelation.
 2017-02-17 23:35:50 +01:00
Willem Toorop 990800d9f9 Bugfix poll_eventloop initialization error 2017-02-17 13:16:06 +01:00
Willem Toorop df45a2f1c7 Dependencies 2017-02-16 23:03:31 +01:00
Willem Toorop 91dd991348 Cancel requests without callback 2017-02-16 22:55:15 +01:00
Willem Toorop a6859a08d3 Remove getrlimit from poll_eventloop 
No use to check for this limit, because the filedescriptor is already open.
 2017-02-16 22:48:16 +01:00
Willem Toorop d20bbde25e Fixed time allocation and free for fd_events 2017-02-16 22:41:37 +01:00
Willem Toorop f6d46689b6 Fixed time allocation and free for to_events 2017-02-16 16:26:41 +01:00
Willem Toorop 2d35993c83 Timeout events in array 2017-02-16 15:22:57 +01:00
Willem Toorop e87e907128 Constants for Edward Curves 2017-02-16 11:01:48 +01:00
wtoorop 17a5a5db92 Merge pull request #258 from wtoorop/devel/_vfixed_gbuffers 
A special bit for the snprintf style modus operandi of fixed gldns gbuffer's
 2017-02-16 10:51:20 +01:00
Willem Toorop 445470d831 Rename a gldns function 2017-02-16 10:32:17 +01:00
Melinda Shore c72d74a0fa Merge pull request #259 from wtoorop/devel/fixed_eventloop 
Devel/fixed eventloop
 2017-02-15 10:25:45 -09:00
Willem Toorop e4eddca259 Reference event_info directly 2017-02-15 15:10:11 +01:00
Willem Toorop 7b6b0ff642 No helper copy variables 2017-02-15 14:57:30 +01:00
Willem Toorop c805d40585 Clean in place executed unit tests 2017-02-15 14:04:34 +01:00
Willem Toorop b2fe9673de Fix realloc pfds set error + callback order error 2017-02-15 13:08:47 +01:00
Willem Toorop 04f6a2b13b Fixed dependencies 2017-02-15 12:47:55 +01:00
Willem Toorop 840ba8c85d Reference fixes jsmn 2017-02-15 12:46:48 +01:00
Willem Toorop b7c2e53a82 Off by one problem? 2017-02-15 12:21:29 +01:00
Willem Toorop 3e8822e0e2 Fix uninitialized data error in valgrind check 2017-02-15 11:43:07 +01:00
Willem Toorop c936f0c51d Other allocs and frees with custom mem funcs too 2017-02-15 10:56:19 +01:00
Willem Toorop 7484b8c37b Initialize default eventloop with custom mem funcs 2017-02-15 10:22:41 +01:00
Christian Huitema 6d3e0c7ca2 Rewrote the continuous query organization to use the LRU cache instead of an RB tree. 2017-02-14 11:30:29 -10:00
Willem Toorop 549de0de60 Use of custom mem funcs by uthash 2017-02-14 13:41:58 +01:00
Christian Huitema 1587e2f8f5 Code to manage the MDNS cache using LRUHASH 2017-02-13 18:28:46 -10:00
Willem Toorop 30e1683d2f Deal with windows vsnprintf in config.h 2017-02-13 12:32:10 +01:00
Willem Toorop 60443fb7fd Choice of poll or select based default event loop 2017-02-13 11:56:25 +01:00
Willem Toorop 2b9987014d Special _vfixed gbuffer property 
For snprintf style buffers which position can go beyond capacity
 2017-02-08 13:51:25 +01:00
Christian Huitema 93d6f2b18f Intermediate commit, after definition of the MDNS context 2017-02-06 18:23:35 -10:00
Christian Huitema 4c71d6239f Fixing potential bug for comparision function net_req_query_id_cmp on 64 bits architectures. 2017-01-21 14:49:58 -08:00
Christian Huitema 4ccfa2a781 Preparing fix for 64 bit warning in net_req_query_id_cmp 2017-01-21 14:46:38 -08:00
Christian Huitema 83ec9b74e9 Merge branch 'develop' of https://github.com/huitema/getdns into develop 
Conflicts:
	src/jsmn
 2017-01-20 19:57:11 -08:00
Christian Huitema 31eee9c7d1 Intermediate commit of context.h, mdns.[ch] 2017-01-20 19:44:05 -08:00
Christian Huitema abd0244aba Fixing a potential bug in the RB tree for netreq_by_id 2017-01-20 19:33:12 -08:00
Neil Cook dad4aaf6d8 correctly allocate and free memory for eventloop hashes 2017-01-18 15:31:01 +00:00
Neil Cook fd3e0c01f7 call default_time_cb with -1 instead of index 2017-01-18 15:12:56 +00:00
Willem Toorop f1c44dc15c Merge branch 'develop' into devel/1.1.0 2017-01-18 14:40:32 +01:00
Willem Toorop 17da80a828 Feed poll with millisecond timeout 2017-01-18 14:29:32 +01:00
Willem Toorop 45ee18e285 Merge branch 'fixed_eventloop' of https://github.com/neilcook/getdns into neilcook-fixed_eventloop 2017-01-18 12:05:32 +01:00
Willem Toorop 7bf953b2bd Merge branch 'huitema-develop' into develop 2017-01-18 12:00:33 +01:00
Willem Toorop f4cd8f6b47 Fix constants 2017-01-13 22:38:23 +01:00
Willem Toorop 9c9c52aacc Merge branch 'develop' into release/1.1.0-alpha3 2017-01-13 22:08:59 +01:00
Willem Toorop 9320364053 Fix two more sign-compare warnings 2017-01-13 21:28:07 +01:00
Willem Toorop 155ceede4c Unuser variables with --without-libidn 2017-01-13 20:49:26 +01:00
Willem Toorop e80d3340c6 Coverage linking + missing constant in str2int 2017-01-13 20:43:04 +01:00
Willem Toorop cd199def68 Cookies and roadblock avoidance on by default 
per RFC7873 and RFC8027
 2017-01-13 19:45:54 +01:00
Willem Toorop 25849645d4 Don't crash with missing trust-anchors 2017-01-13 13:42:16 +01:00
Willem Toorop bb0ad001e7 Fix non existant domain names 2017-01-13 12:59:16 +01:00
Willem Toorop 9a3b01ed62 DSA support with OpenSSL 1.1.0 2017-01-13 12:48:15 +01:00
Christian Huitema 53d73d2f90 Implementing the ARC4_LOCK/UNLOCK functions for Windows. 2017-01-13 12:24:46 +01:00
Christian Huitema 99fb7100ea Placing all MDNS code under ifdef HAVE MDNS SUPPORT to minimize risk in main branch. 2016-12-22 20:30:14 -08:00
Christian Huitema 1d24c90768 Fixing bad declaration in mdns.h 2016-12-22 20:07:31 -08:00
Christian Huitema 2e46a4b136 Adding missing directives for mdns.c, .o, .lo in make file. 2016-12-22 19:37:49 -08:00
Christian Huitema f1b8b25afa Implementation of basic MDNS support 2016-12-22 15:51:47 -08:00
Neil Cook 7ebf3924b5 Copy event pointer out of event hash table before callbacks, because it might be deleted 2016-12-16 10:36:21 +00:00
Neil Cook 5e26137eda Fix default_eventloop_run OR instead of AND and hash table iteration safety 2016-12-15 13:40:40 +00:00
Willem Toorop 9b715d4743 Suppress compile warnings 2016-12-15 09:53:49 +01:00
Willem Toorop da527358c0 Merge branch 'develop' into devel/fixed_eventloop 2016-12-15 09:45:16 +01:00
wtoorop d3b7a30651 Merge pull request #218 from neilcook/openssl_init 
call SSL_library_init() just once and lock with mutexes
 2016-12-15 08:29:58 +01:00