interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,702 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

2702 Commits

Author SHA1 Message Date
Willem Toorop 0ef910b9ee read_buf's may remain on canceled tcp requests 2017-12-21 14:53:54 +01:00
wtoorop efb0539c15
Merge pull request #368 from getdnsapi/devel/tls_settings 
TLS settings have tls_ prefixed name
 2017-12-21 14:25:01 +01:00
Willem Toorop 97cc67d026 s/CApath/tls_ca_path/g s/CAfile/tls_ca_file/g 2017-12-21 13:08:01 +01:00
wtoorop f173f4667f
Merge pull request #367 from getdnsapi/features/set_cipher_list 
Features/set cipher list
 2017-12-21 13:00:08 +01:00
Willem Toorop ae38a29a50 Upstream specific tls_cipher_list's 2017-12-21 12:30:15 +01:00
Willem Toorop 8f88981efe rename set_cipher_list() to set_tls_cipher_list() 2017-12-21 11:35:05 +01:00
Willem Toorop 7fe3bd6a1f getdns_context_set_ciphers_list() 2017-12-20 13:13:02 +01:00
Willem Toorop 2bd5df4959 Update to Stubby v0.2.1 2017-12-20 09:53:11 +01:00
Willem Toorop d35fae5038 Bump version (to 1.3.0-rc2), update ChangeLog 2017-12-20 09:43:45 +01:00
Willem Toorop 274bc9bc4a Merge branch 'develop' into release/1.2.2 2017-12-20 09:37:56 +01:00
wtoorop 76d8f11b44
Merge pull request #366 from hardfalcon/develop 
Add support for TLS 1.3 and Chacha20-Poly1305
 2017-12-20 09:36:59 +01:00
wtoorop 7b20414ee0
Merge pull request #365 from saradickinson/fix_windows_build 
Fix windows build
 2017-12-19 11:25:33 +01:00
Pascal Ernster 65c7a738eb
Add support for TLS 1.3 and Chacha20-Poly1305 
Add support for TLS 1.3 (requires OpenSSL 1.1.1) and Chacha20-Poly1305 (requires OpenSSL 1.1).

Older OpenSSL versions will simply ignore ciphersuite specifications they don't understand and use the subset which they do unterstand.

Note that "EECDH" does *not* select anonymous cipher suites (as opposed to "kECDHE").
 2017-12-15 20:01:30 +00:00
Sara Dickinson 00d3232ba4 Fix windows build 2017-12-15 16:53:23 +00:00
Willem Toorop ac17d4ebed We need a specific install location for tests builds ... 
to not load default library
 2017-12-14 11:53:15 +01:00
wtoorop 9c35fa1643
Merge pull request #364 from saradickinson/move_macos_script 
Update makefile because a file in Stubby was moved
 2017-12-13 16:35:32 +01:00
Willem Toorop 2b5b59537f Getting Stubby ready to merge PR #364 2017-12-13 16:33:37 +01:00
Willem Toorop fd16d7b5eb Bugfix in stubby.c (copy/paste error) 2017-12-13 15:59:42 +01:00
Willem Toorop 0615457dfa Resolve constant conflict 2017-12-13 15:43:36 +01:00
Willem Toorop 9f566de65d DNSSEC segfault issue 2017-12-13 15:41:08 +01:00
Sara Dickinson d232353f93 Update makefile because a file in Stubby was moved 2017-12-13 14:22:52 +00:00
Willem Toorop d7864ee0df Stubby disabling DNSSEC validation update 2017-12-13 14:52:49 +01:00
Willem Toorop 2c66487635 Merge branch 'devel/dnssec_meta_queries' into release/1.2.2 2017-12-13 14:52:00 +01:00
Willem Toorop 5f1a2f8659 Merge branch 'features/CA_verify_locations' into release/1.2.2 2017-12-13 14:49:42 +01:00
Willem Toorop cfeaefbe3f Merge branch 'features/resolvconf' into release/1.2.2 2017-12-13 14:44:06 +01:00
Willem Toorop 825e2fd15f Bump version 2017-12-13 14:42:18 +01:00
Willem Toorop 090b076d96 Zero configuration DNSSEC meta queries on existing transports 
Should fix bug #356
 2017-12-13 13:08:24 +01:00
Willem Toorop a63e5edb86 trust-anchor meta queries need to be done opportunistic too 
In anticipation of DANE authenticated upstreams
 2017-12-13 12:58:24 +01:00
Willem Toorop e691312a3f Schedule DNSSEC meta queries against existing context 2017-12-13 12:50:03 +01:00
Willem Toorop 362d168380 no_dnssec_checking_disabled extension for internal use only 2017-12-13 12:36:02 +01:00
Willem Toorop d4ec98ae6d ChangeLog for previous commit 2017-12-13 11:55:49 +01:00
Willem Toorop d5518bad67 Return which extensions are set 
(for programs (Stubby) to know whether a context will do native dnssec validation or not)
 2017-12-13 11:12:49 +01:00
Willem Toorop da3f023d8f set_CApath() and set_CAfile() for alt verify locs 2017-12-12 15:10:37 +01:00
Willem Toorop 26877d4494 Include sys/stat.h (from config.h) + 
+ introduce GETDNS_RETURN_IO_ERROR return code
  (forgot to mention that in previous commit)
 2017-12-12 12:38:55 +01:00
Willem Toorop 96ed06c6a9 Initialize context with given resolv.conf and hosts files 
- getdns_context_create with set_from_os set will simply call these
  functions with the defaults

+ filechg_check is simplified somewhat (reducting memory management)
+ get OpenSSL version version via get_api_information()
 2017-12-12 12:24:31 +01:00
Willem Toorop 01197f10ff Merge branch 'develop' into features/resolvconf 2017-11-29 15:25:50 +01:00
wtoorop b105faad7d
Merge pull request #360 from getdnsapi/bugfix/private_ecs_with_family 
Bugfix #359: edns_client_subnet_private should set family
 2017-11-28 16:59:37 +01:00
Willem Toorop 17d23ddb99 Restore running all unit tests again 2017-11-28 16:58:58 +01:00
Willem Toorop 8c87028d77 Only get root-anchors.xml when BOGUS root dnskey... 
did have signatures which did not validate
 2017-11-28 16:58:12 +01:00
Willem Toorop 2a39b6e2e8 Handle the uninitialized memory error the brutal way 
Because clang (or valgrind with clang) is just wrong here
 2017-11-28 16:51:28 +01:00
Willem Toorop 72eb8628d0 Report on single unit tests too 2017-11-28 16:44:08 +01:00
Willem Toorop 543435d89d Clang bitfield issue 2017-11-28 16:40:17 +01:00
Willem Toorop 025f1cdff3 set_from_os last to initialize ... 
... because it is initialized with values from context itself!
I.e. context->tls_backoff_time, context->tls_connection_retries and context->log are used to initialize upstreams in upstreams_create() called from set_from_os
 2017-11-28 16:04:23 +01:00
Willem Toorop 30e440d35c Access of freed memory in stub DNSSEC cleanup code 
Should fix the latest core dump reported in getdnsapi/stubby#34
 2017-11-27 15:26:45 +01:00
Willem Toorop 323239be58 Scan valgrind logs for errors too 2017-11-27 15:02:32 +01:00
Willem Toorop 27847b9a0a Initialize context->sys_ctxt! 2017-11-23 13:23:00 +01:00
Willem Toorop 6afb02b2f1 Bugfix #359: edns_client_subnet_private should set family 
Thanks Daniel Areiza
 2017-11-23 13:20:42 +01:00
Willem Toorop c3cdf496e3 Meta queries to upstreams from resolvconf setting 2017-11-23 12:48:48 +01:00
Willem Toorop c0a3babe0a Separate sys_ctxt for meta queries 2017-11-23 12:44:40 +01:00
Willem Toorop 3e16075563 Test getdns_context_create2 with getdns_query 2017-11-23 12:26:40 +01:00