Commit Graph

1699 Commits

Author SHA1 Message Date
Sara Dickinson 9d967317d3 Improve the timeout handling for TLS. 2015-05-03 15:11:46 +01:00
Sara Dickinson 01adce8299 Organise code in stub.c and add some utility methods. 2015-05-02 18:08:45 +01:00
Sara Dickinson d6d83b219d Make sure UDP only uses 1 upstream per IP address. Fix a couple of other bugs. 2015-04-30 19:07:49 +01:00
Sara Dickinson 450a3bc6ff Fix STARTTLS fallback. 2015-04-30 14:52:16 +01:00
Sara Dickinson 7905eda8b7 Some clean up of connection handling. Still a problem with STARTTLS fallback that needs fixing. 2015-04-30 12:24:13 +01:00
Willem Toorop 393b847668 autoreconf + ChangeLog for Daniel's libversion fix 2015-04-30 11:57:32 +02:00
Daniel Kahn Gillmor f61a3d0fce Fix libversion numbering
Version 0.1.7 built libgetdns.so.0 instead of libgetdns.so.1.  This
broke anything depending on the package keeping the same SONAME from
0.1.6 to 0.1.7.

The problem stems from a broken libversion in upstream's configure.ac.

This is worked around in 0.1.8 by another change to GETDNS_LIBVERSION,
but the change isn't correct either, since interfaces have been added
again (in particular, the GETDNS_TRANSPORT_TLS_* constants have been
added, which affects the API at least, for tools trying to compile
against the newer version).

Note that the commentary in configure.ac about how to update
libversion is correct up to a point, but then breaks things badly.
This patch removes that as well.

Here is the canonical reference for how to update libversion:

https://www.gnu.org/software/libtool/manual/libtool.html#Updating-version-info
2015-04-30 11:33:39 +02:00
Sara Dickinson 79b3412fbf Add another transport option as proof of concept for STARTTLS. 2015-04-29 19:20:25 +01:00
Sara Dickinson b533bc59c5 Fix bug when fallback not available 2015-04-27 16:37:16 +01:00
Sara Dickinson 4e6e66fc77 Get sync messages working with new async code. 2015-04-27 15:32:57 +01:00
Sara Dickinson 3de15ad782 Change internal transport handling to use a list, not a fixed type 2015-04-24 16:29:08 +01:00
Sara Dickinson f2ae55858f First pass at making handshake async. Lots of issues with this code still
- timeouts are not being rescheduled on fallback
- several error cases are not being handled correctly (e.g. 8.8.8.8) and a user callback is not always called
- the fallback mechanism is not generic (specific to tls to tcp)
2015-04-23 17:46:31 +01:00
Willem Toorop 29b378ab16 release v0.1.8

Merge tag 'v0.1.8'

release v0.1.8
2015-04-19 23:28:49 +02:00
Willem Toorop 6d4c0afdeb Correct library version bump
Also the mistake in the last version
2015-04-19 22:07:11 +02:00
Willem Toorop 034150cb42 Bump version & update ChangeLog for 0.1.8 release 2015-04-19 21:36:24 +02:00
Willem Toorop 2a6fc74314 netinet/in.h and openssl/ssl.h from config.h 2015-04-18 22:30:56 +02:00
Willem Toorop 0ba6af3523 upstreams_cleanup from upstreams_dereference 2015-04-18 22:17:28 +02:00
Willem Toorop 84c5b67ee0 Re-enable printing of json with getdns_query 2015-04-18 09:53:50 +02:00
Willem Toorop b26f09d1aa autoreconf -if # For convenience... 2015-04-18 09:35:46 +02:00
Sara Dickinson 6c7ffc4e4e 1) Fix enum mapping error.
2) Also add detection of TLS 1.2 in openssl during configure and warn that if it is not available then TLS will not be available. Using TLS_ONLY in stub mode will then error with BAD_CONTEXT. TLS/TCP will fallback to TCP.

3) Explicitly disallow use of TLS_ONLY in RECURSIVE mode since it isn't supported yet. TLS/TCP will fallback to TCP.

4) Fix for MAC OS X build where openssl not linked correctly
2015-04-17 18:38:13 +01:00
Sara Dickinson ab4fb8d9e9 Enable GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN for libunbound. Should only be used in stub mode.
GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN still just does TCP.
Also some tidy up of new transport types.
2015-04-17 15:50:08 +01:00
Sara Dickinson 99c1973fae Cleanup of TLS code 2015-04-16 18:05:51 +01:00
saradickinson 99aa79b48f First pass at TLS implementation - needs work! 2015-04-16 18:05:27 +01:00
Willem Toorop 793423b325 Release 0.1.7 today 2015-04-08 21:08:36 +02:00
Willem Toorop 954676b121 Bump version to 0.1.7 release 2015-04-08 15:42:03 +02:00
Willem Toorop b163ad1870 Doxygen documentation for the new functions 2015-04-08 15:36:12 +02:00
Willem Toorop 830e0267b3 Fix ASSERT_RC macro with check_getdns 2015-04-03 00:15:32 +02:00
Willem Toorop c63bbd1399 s/getdns_strerror/getdns_get_errorstr_by_id/g
In the unit tests make use of the newly exposed error string getter
2015-04-02 23:08:35 +02:00
Willem Toorop 7bf48520d6 0.1.7 release candidate 2 2015-04-02 22:12:23 +02:00
Willem Toorop 87eb9307a7 A getter for context update callbacks 2015-04-02 22:01:30 +02:00
Willem Toorop 498dedbb8d typo :( 2015-04-02 15:56:13 +02:00
Willem Toorop a0aabc3543 getdns_get_errorstr_by_id replaces getdns_strerror
In the future maybe.  Discuss on list.
2015-04-02 15:33:10 +02:00
Willem Toorop 56bb9dbbdc Pass along a userarg with context update callbacks 2015-04-02 14:42:26 +02:00
Willem Toorop 18381e7753 Get rid of +sit option in getdns_query 2015-04-02 13:59:10 +02:00
Willem Toorop eb7920a4a6 Issue #84 getdns_address modifies extensions param 2015-04-02 13:58:27 +02:00
Willem Toorop 9065c9c136 Changelog item of last commit 2015-04-02 13:35:52 +02:00
Willem Toorop c9a61bd91e Query for AAAA first with getdns_address
They were already sent out simultaneously and then listened for, but A went out on the wire first.  Now AAAA.
2015-04-02 13:32:00 +02:00
Willem Toorop c0bc799c3e Fix some C99 compat issues with FreeBSD 2015-03-26 17:03:55 -05:00
Willem Toorop 2d7b58a84b libtool knew we lied 2015-03-26 16:14:04 -05:00
Willem Toorop beb911daf1 Prepare for 0.1.7rc1 2015-03-26 16:09:02 -05:00
Willem Toorop 22cf2fc14d m4 includes in the m4 dir 2015-03-26 14:03:28 -05:00
Willem Toorop b5d6180506 enlarge timeouts for hostname_12 unit tests 2015-03-26 13:40:39 -05:00
Willem Toorop 3c816b0c86 Embarrassing mistake (don't look) 2015-03-23 15:38:50 -05:00
Willem Toorop 526c3a3491 Fix stub validation key rollover issue 2015-03-22 15:41:55 -05:00
Willem Toorop 8b5b8519aa Merge branch 'print_json' into release-0.1.7 2015-03-22 11:01:58 -05:00
Willem Toorop 19547536ac arc4random in secret generation 2015-03-22 11:01:37 -05:00
Willem Toorop d06d94a0c7 Merge branch 'arc4random' into release-0.1.7
Conflicts:
	src/config.h.in
2015-03-22 10:55:03 -05:00
Willem Toorop 00f047816d EDNS cookies processing as stub 2015-03-22 10:50:48 -05:00
Willem Toorop 4683208fd1 First go at using arc4random 4 random numbers 2015-03-21 04:41:25 -05:00
Willem Toorop e78cea8620 Need these macros to detect openssl 2015-03-20 21:40:14 +01:00