interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,033 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

1488 Commits

Author SHA1 Message Date
Willem Toorop 49840c9a85 Some more uniform _getdns_rrset usage 2016-06-09 15:03:51 +02:00
Willem Toorop e27bfcedb6 Merge branch 'develop' into devel/getdns_rrset 2016-06-09 14:13:11 +02:00
Willem Toorop 27110e0943 DNSSEC wildcard validation issue 2016-06-09 10:44:25 +02:00
Willem Toorop 8679633cd9 One more _getdns_rrset caused dnssec fix 2016-06-08 16:03:45 +02:00
Willem Toorop 6e7f66b216 Sorting of SRVs according to RFC2782 
Could be optimized... but alas
 2016-06-08 12:44:23 +02:00
Willem Toorop 457a4bec92 develop merge fix 2016-06-08 10:57:03 +02:00
Willem Toorop 490aac1b48 Merge branch 'develop' into features/getdns_service 2016-06-08 10:21:29 +02:00
Willem Toorop 2d22b8729d Locks must be >= 0 2016-06-07 17:21:10 +02:00
Willem Toorop e16efbbeee Small bugs from the _getdns_rrset move 2016-06-07 17:08:35 +02:00
Willem Toorop cf675a9284 Add srv_addresses when query was for SRV 
Moved _getdns_rrset iterators to rr-iter.[ch] in the process
 2016-06-07 16:52:10 +02:00
Willem Toorop 3af8a917a2 TSIG spec contains colon too 2016-06-01 17:00:05 +02:00
Willem Toorop a100aff4de Free allocated qname after query 2016-05-31 16:55:59 +02:00
Willem Toorop cc39d51a4c Query with the correct extensions! 2016-05-31 15:40:22 +02:00
Willem Toorop ff4545dae0 Listening sockets should use SO_REUSEADDR 2016-05-31 15:14:50 +02:00
Willem Toorop 6781899247 Allow keys without quotes in json dicts 2016-05-31 15:02:17 +02:00
Willem Toorop 2bb254c898 A DNSSEC resolver validates without DO too 2016-05-31 13:17:16 +02:00
Willem Toorop 40477d3f00 CNAME loops protection 2016-05-30 17:02:28 +02:00
Willem Toorop 2b81be8859 Better servfail serving in getdns_query daemon 2016-05-30 16:37:38 +02:00
Willem Toorop 2c43afe338 SERVFAIL should contain the query name... 2016-05-30 11:25:07 +02:00
Willem Toorop 1fb91028ad Oopsy 2016-05-26 17:05:06 +02:00
Willem Toorop 89d2f74d24 First fixes that came out of deckard testing 2016-05-26 17:02:21 +02:00
Willem Toorop e01211d6b4 Debug setting that keeps connections open 2016-05-25 15:57:37 +02:00
Willem Toorop e25e697970 Merge remote-tracking branch 'upstream/develop' into features/create_dict_with_json 2016-05-25 15:12:48 +02:00
Willem Toorop 4334da370e Recursing available on bogus answer too 
provided the resolution mode is RECURSING
 2016-05-25 14:53:33 +02:00
Willem Toorop 888cba625c DNSSEC extensions overwrite curtom headers 
to make roadblock avoidance work in daemon mode
 2016-05-23 16:40:26 +02:00
Willem Toorop 9e0127e74c Don't allow primitive keys (yet) 
They cannot handle the colon very well (yet)
 2016-05-23 15:54:53 +02:00
Willem Toorop 5b832e457c Allow dns_root_servers to be given by bindata too 2016-05-23 15:53:36 +02:00
Willem Toorop 95718c9474 Mention format of the settings 2016-05-23 15:03:51 +02:00
Willem Toorop 77af32d121 Two more missing unofficial settings options 2016-05-23 14:43:05 +02:00
Willem Toorop eef421fb63 Allow configuration passed on command line too 2016-05-23 14:33:56 +02:00
Willem Toorop 7b861ecbbc Allow arbitrary bindata with json dict primitives 2016-05-23 12:41:46 +02:00
Willem Toorop acad529654 Default extensions settings via config file 2016-05-23 12:22:23 +02:00
Willem Toorop 584193eb39 Stub daemon mode forwards the request header 2016-05-23 11:35:50 +02:00
Willem Toorop 4479d06ebd Allow keys without quotes in config file 
+ help text that show config file option
 2016-05-23 11:27:27 +02:00
Willem Toorop 938eef1b00 String bindata's secretly contain final '\0' 2016-05-22 21:58:50 +02:00
Willem Toorop 7b47e82eae DNSSEC in server working with recursive mode too 2016-05-22 20:49:52 +02:00
Willem Toorop 382a5ec452 getdns_query daemon pass through header options 
(Enables DNSSEC for stub mode, but not for recursive)
 2016-05-22 18:23:15 +02:00
Willem Toorop 959f1e5496 listen_addresses setting in config file 2016-05-22 17:35:14 +02:00
Willem Toorop 14a950bc29 getdns_query -C for settings via config file 2016-05-22 15:35:32 +02:00
Sara Dickinson 9c8e07a06a Merge branch 'develop' of https://github.com/getdnsapi/getdns into feature/unit_test_updates_2 2016-05-20 16:07:52 +01:00
Sara Dickinson 84d6da8ef6 Fix ups after Willems review 2016-05-20 16:01:23 +01:00
Willem Toorop e8db20a722 Merge branch 'develop' into features/create_dict_with_json 2016-05-20 15:04:08 +02:00
Willem Toorop 7f30aba6bd Only merge non empty lcov info files 2016-05-19 21:15:24 +02:00
Willem Toorop 028ceb7ebf Merge branch 'develop' into devel/bsd-fixes 2016-05-19 21:13:47 +02:00
Willem Toorop f806ffdc70 Anticipate BSD make in tpkg's 2016-05-19 15:56:19 +02:00
Willem Toorop 0bc8eb65b3 Sort symbols the same on all systems 2016-05-19 15:24:01 +02:00
Willem Toorop 4c3888b18e jsmn.h is relative to $(srcdir) too 2016-05-18 15:56:54 +02:00
Willem Toorop 7fd9d1e342 const-info.h is relative to $(srcdir) 2016-05-18 15:47:57 +02:00
Willem Toorop 11a063bad0 Parse IPv4, IPv6 and dnames as primitives 2016-05-18 15:21:24 +02:00
Sara Dickinson 98d636b99d Updates to unit tests and tpkg 2016-05-16 17:56:48 +01:00
Sara Dickinson 5f225d6be3 Add TLS session resumption 2016-05-16 17:41:55 +01:00
Willem Toorop 1d5446f117 First pass at parsing getdns dicts in text format 2016-05-11 12:07:27 +02:00
Willem Toorop 22328703cc Convert constant name to value 2016-05-09 15:17:26 +02:00
Willem Toorop 4159360ee5 Pass run-all.sh params to tpkg's configure calls 2016-05-09 14:13:37 +02:00
Willem Toorop 4b7e79cc35 TCP server now also working 2016-05-06 17:30:05 +02:00
Willem Toorop 78a6a47b05 Anticipate new pretty print format in tpkg tests 2016-05-04 15:25:18 +02:00
Willem Toorop a80afd357e Initial UDP only server for getdns_query 
Provide listening addresses in the same way as upstreams,
but with the initial character '~' instead of '@'.
 2016-05-04 09:38:26 +02:00
Willem Toorop 5085af0d28 Abit more leniency in what to accept for upstreams 
address_type no longer necessary
instead of address dicts, just bindata is now also ok
 2016-05-03 14:52:30 +02:00
Willem Toorop 9f3ad7d603 Add our version of jsmn as submodule 2016-05-03 13:38:40 +02:00
Willem Toorop c14c6fe993 Print dname's as primitive type 2016-05-03 13:35:01 +02:00
Willem Toorop 240bb76bd5 Merge branch 'develop' into devel/clang-static-checking 2016-04-29 16:33:06 +02:00
Willem Toorop 066c0b3837 Merge branch 'features/canonical_dnssec_chain' into upstream/develop 2016-04-29 16:24:58 +02:00
Willem Toorop a8dbb3dd51 Static checking fixes 2016-04-29 12:00:17 +02:00
Willem Toorop 84570a5f0a Static checking with the clang analyzer 2016-04-29 11:47:20 +02:00
Willem Toorop d09698496d Fail on scheduling errors 2016-04-28 15:02:27 +02:00
Willem Toorop 234d6d1b06 Dependencies 2016-04-28 14:39:26 +02:00
Willem Toorop 6e0d8de885 tpkg for the header extension 2016-04-28 14:28:22 +02:00
Willem Toorop b12aeb80fb Allow for tpkg test with configured srcdir 
By temporarily moving the configured files aside while building
 2016-04-28 14:26:29 +02:00
Willem Toorop 04b3830fb6 Set OPCODE in header too 2016-04-28 13:44:28 +02:00
Willem Toorop d841582d67 Setting header bits through extensions working 2016-04-26 15:54:58 +02:00
Willem Toorop 25cc88e1a2 First pass at sending packets 2016-04-25 17:21:04 +02:00
Willem Toorop 8fc89d01cb Post devel/scheduling_bug_detection merge cleanups 2016-04-22 14:43:17 +02:00
Willem Toorop af8e27f059 Merge branch 'devel/scheduling_bug_detection' into features/canonical_dnssec_chain 2016-04-22 14:42:25 +02:00
Willem Toorop d61e64c9c7 Fix callbacks during scheduling in DNSSEC code too 2016-04-22 14:09:18 +02:00
Willem Toorop 15271d0438 Account for callbacks fired during scheduling 2016-04-21 15:16:38 +02:00
Willem Toorop 0bd4026898 Detect freed memory usage with recursive queries 
Only when using unbound-event-api and doing queries for names in /etc/hosts
 2016-04-21 12:37:09 +02:00
Willem Toorop c05f963719 Fail on debugging detected errors 2016-04-21 12:24:53 +02:00
Willem Toorop 4849329818 dnssec_return_full_validation_chain extension 
That also returns all records that had to be proofed secure in canonical form in the "validation_chain".
 2016-04-18 22:06:12 +02:00
Willem Toorop e1126c9cf8 Canonicalize dnssec chain 
When validated
 2016-04-18 15:36:39 +02:00
Willem Toorop 516f211843 Fire idle timeouts immediately with sync requests 2016-04-13 12:06:51 +02:00
Willem Toorop 57954ad41e Small bugfix in checking complete requests async 2016-04-11 15:33:08 +02:00
Willem Toorop da577a463d set upstream loop to the sync loop for sync reqs 
And reset to the async loop when sync request was finished, rescheduling the upstream->event.
Note that finished_event is scheduled against the async loop always.
 2016-04-11 14:49:44 +02:00
Willem Toorop d2d4a849f4 Merge remote-tracking branch 'upstream/develop' into develop 2016-04-05 15:50:50 -03:00
Willem Toorop e4b0d08fad Minor bugfix for use with openssl 1.1.0 2016-04-05 13:15:59 -03:00
Shane Kerr af8139e957 Modified version of the "run-all.sh" which collects coverage information and produces a report. 2016-04-02 15:44:46 -03:00
Willem Toorop c53b15bd9a target-fetch-policy only with unbound-event-api 2016-03-31 07:49:40 -03:00
Willem Toorop 8d05fd7c1b FD_SETSIZE can be unsigned 2016-03-30 11:57:01 -03:00
Willem Toorop c9fab8c242 target-fetch-policy for more resilient recursion 2016-03-30 10:56:46 -03:00
wtoorop 4e0073ae6f Merge pull request #157 from gmadkat/develop 
Added code to read the domain from the registry and use it if search …
 2016-03-29 16:13:04 +02:00
gmadkat af7f384cf3 Added code to read the domain from the registry and use it if search suffixes are missing 2016-03-27 22:37:54 -07:00
Melinda Shore 1f45bf7e43 Merge pull request #154 from wtoorop/devel/no-sync-side-effects 
No more side effects with synchronous calls
 2016-03-24 10:53:05 -08:00
Melinda Shore 4b033c766b Merge pull request #156 from wtoorop/devel/std-suffix-handling 
Devel/std suffix handling
 2016-03-24 10:52:36 -08:00
Melinda Shore 5b41c67d7a Merge pull request #155 from wtoorop/devel/codebase-maintenance2 
Devel/codebase maintenance2
 2016-03-24 10:03:15 -08:00
Willem Toorop fdd3992f65 openssl 1.1 support 2016-03-24 14:02:18 +01:00
Willem Toorop e10e774d32 Reversed IPv6 lookup can take a while 2016-03-24 11:46:42 +01:00
Willem Toorop e4955d69ef Updates from unbound 2016-03-24 11:14:14 +01:00
Willem Toorop 0d66f91c91 getdns_query option for APPEND_NAME_TO_SINGLE_LABEL_FIRST 2016-03-23 23:31:23 +01:00
Willem Toorop e7c77290cc GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST 2016-03-23 23:27:27 +01:00
Willem Toorop b0ecda5d2e No more side effects with synchronous calls 
(and upstreams that keep connections open)
 2016-03-23 22:13:31 +01:00
Willem Toorop 09476f1ca9 getdns_context_set_follow_redirects() 2016-03-23 11:32:38 +01:00
Willem Toorop e934c100a2 Merge branch 'develop' into devel/codebase-maintenance 2016-03-22 13:22:13 +01:00
Willem Toorop 091d41dfe0 5th time's a charm 2016-03-22 10:16:15 +01:00
Willem Toorop 255e60cdcd Old valgrind travis-ci (test mode 4) 2016-03-22 10:07:59 +01:00
Willem Toorop 532c26d7c8 Old valgrind travis-ci (test mode 3) 2016-03-22 10:00:56 +01:00
Willem Toorop ede4afc7b6 Old valgrind travis-ci (test mode 2) 2016-03-22 09:53:40 +01:00
Willem Toorop 213a3dc5d8 Old version valgrind tpkg (test mode) 2016-03-22 09:37:01 +01:00
gmadkat 5d2a05f5e0 Added search suffix for Windows from registry 2016-03-21 21:10:57 -07:00
Willem Toorop d2e62acf0d What options can I use with travis valgrind? 2016-03-21 17:03:53 +01:00
Willem Toorop 620de476df Don't show all leak kinds 2016-03-21 16:51:40 +01:00
Willem Toorop d35b7ff174 Small memory leak in getdns_query 2016-03-21 16:42:53 +01:00
Willem Toorop 29323f8d94 valgrind unit tests 2016-03-21 16:35:13 +01:00
Willem Toorop 0d9d5a5eb7 Bugfix unitialized memory access with root lookups 2016-03-21 15:39:33 +01:00
Willem Toorop 468f2997ff dependencies update 2016-03-21 15:32:55 +01:00
Willem Toorop c057f65b28 list_append_list not used 2016-03-21 15:15:55 +01:00
Willem Toorop 90beaaff1d Use non-copying list_append_this_dict 2016-03-21 14:56:09 +01:00
Willem Toorop ba2da45819 Non copying list_append functions 2016-03-21 14:19:37 +01:00
Willem Toorop eea6ad7beb append_bindata was also used marginally 2016-03-21 13:13:48 +01:00
Willem Toorop 4e0ee15b73 dict_set_this_bindata not used anywhere 2016-03-21 13:07:20 +01:00
Willem Toorop 4551f0850b Use non-copying dict_set_list 2016-03-21 12:50:43 +01:00
Willem Toorop 6f157854ce Use non-copying dict_set_dict 2016-03-21 11:55:21 +01:00
Willem Toorop fc5f16dbcb Non copying dict_set functions 2016-03-21 11:54:55 +01:00
Willem Toorop e4e3dde61f Don't breakup the sync vs async schedule 
to accentuate changes.
 2016-03-18 13:30:49 +01:00
Sara Dickinson c1f15fc0ac Minor tweaks 2016-03-18 12:02:40 +00:00
Sara Dickinson c08371ebb0 First pass at updating DEBUG_STUB output 2016-03-18 11:34:51 +00:00
Willem Toorop 5469442eaa Execute all tests allways (even if one fails) 2016-03-17 17:13:20 +01:00
Willem Toorop 186dbca7ce Dependencies 2016-03-17 17:02:17 +01:00
Willem Toorop ab742b34b6 Miscelaneous scheduling fixes and improvements 2016-03-17 16:49:05 +01:00
Willem Toorop 94c73b6ec8 Write libcheck logfiles via env variables 2016-03-17 16:40:30 +01:00
Melinda Shore 8c335522e1 Merge pull request #148 from wtoorop/features/dnssec_return_all_statuses 
A dnssec_return_all_statuses extension
 2016-03-14 20:09:08 -08:00
Melinda Shore 28edb1dc5a Merge pull request #147 from wtoorop/devel/check_separate_logfiles 
Write unit test log's to separate log files
 2016-03-14 20:08:10 -08:00
Melinda Shore cf451d2b2b Merge pull request #146 from wtoorop/devel/direct_root_servers 
Devel/direct root servers
 2016-03-14 20:06:07 -08:00
Melinda Shore 69a7c1f9ba Merge pull request #145 from wtoorop/features/wire2reply 
Features/wire2reply
 2016-03-14 20:04:52 -08:00
Melinda Shore 4b5c61145a Merge pull request #144 from wtoorop/devel/default_eventloop 
Devel/default eventloop
 2016-03-14 20:02:57 -08:00
Willem Toorop 4fca5fe08c A dnssec_return_all_statuses extension 
that returns all all dnssec replies regardless their status.
When used on its own or in combination with just dnssec_return_status,
     it will return BOGUS replies, but those replies will have "dnssec_status": GETDNS_DNSSEC_BOGUS
     The response dict "status" will be GETDNS_RESPSTATUS_GOOD then.
When used on in combination with dnssec_return_only_secure,
     it will return BOGUS and INSECURE replies (reflected in their "dnssec_status")
     The response dict "status" can be any of the status that the dnssec_return_only_secure extenstion returns,
     so either GETDNS_RESPSTATUS_GOOD when at least one reply was secure,
     GETDNS_RESPSTATUS_NO_SECURE_ANSWERS when all replies were insecure,
     or GETDNS_RESPSTATUS_ALL_BOGUS_ANSWERS when all replies were bogus.
 2016-03-14 12:23:12 +01:00
Willem Toorop 8ccba5e204 Write unit test log's to separate log files 
For each tested event loop
 2016-03-14 11:59:05 +01:00
Willem Toorop d938c433ab Set root servers without temporary file 2016-03-14 11:33:06 +01:00
Willem Toorop f95a052e55 Rewrite DNS proxy in transport/timeout test suites 
To use the new DNS packet conversion functions.
This looses the dependency on ldns for unit tests too.
 2016-03-14 10:41:32 +01:00
Willem Toorop 02d14351fc Convert pkts wireformat <-> getdns_dict <-> string 2016-03-14 10:02:01 +01:00
Willem Toorop 7550980be8 Loose bc dependency with tpkg 2016-03-10 14:37:00 +01:00
Willem Toorop 36e620d769 TCP handling on windows 2016-03-09 15:37:47 +01:00
Willem Toorop a83c54387d Reuse sync eventloop per context 
So recursive resolution can depend on and continue with outstanding queries it depends on
 2016-03-09 11:16:19 +01:00
Willem Toorop 70cc65f786 Replace default append_name setting 
to GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE
 2016-03-09 10:37:05 +01:00
Willem Toorop aeeadde299 Synchronous with pluggable event APIs again 2016-03-07 16:35:43 +01:00
Willem Toorop ebb892def1 Revert "Run context's event loop when doing sync requests" 
This reverts commit d50860c089.
 2016-03-04 12:08:46 +01:00
Willem Toorop 75ee40b98f Small improvements for ub_loop's 2016-03-04 11:52:50 +01:00
Willem Toorop 8e4dd05379 Anticipate magic number 2016-03-02 12:38:29 +01:00
Willem Toorop 4230961e9f Basic usage of unbound pluggable event loop 2016-03-01 16:29:37 +01:00
wtoorop 8f66d69286 Merge pull request #143 from wtoorop/bugfix/memory_leaks 
Fix memory leak with getdns_get_api_information()
 2016-02-26 12:26:53 +01:00
Willem Toorop 6fd05675aa Fix memory leak with getdns_get_api_information() 
Thanks Robert Groenenberg.
 2016-02-26 12:24:45 +01:00
Willem Toorop 4a4339f023 load gost algorithm if digest is seen before key algorithm 2016-02-26 12:20:16 +01:00
Willem Toorop 707b0d21c8 bugfix: don't reset skew 2016-02-11 11:27:03 +01:00
Willem Toorop 045d0d481c Offline dnssec validation at a given point in time 2016-02-11 11:24:22 +01:00
Willem Toorop e6f5cdb45b Merge branch 'develop' into devel/default_eventloop 2016-02-04 15:17:25 +01:00
wtoorop 60be402062 Merge pull request #139 from ln5/parsing-resolvconf 
Don't treat "domain" or "search" as a nameserver.
Thank you Linus
 2016-02-04 10:06:40 +01:00
Linus Nordberg 466302131e Don't treat "domain" or "search" as a nameserver. 
Continue the while fgets() loop as soon as we're done with "domain" or
"search".

Simplify the logic of the function by removing the if else constructs.
 2016-02-03 14:57:09 +01:00
unknown db4207f60d More review changes and made comments C style, req Willem. 2016-02-01 11:02:24 -05:00
unknown 170795ad06 More review changes and made comments C style, req Willem. 2016-02-01 10:56:45 -05:00
unknown f5290b6a68 add change from Sara to return if a cert conversion or add to store fails 2016-01-31 00:13:09 -05:00
unknown 504881fc6f Minor fixes to compile and run the CA trust store adapter from Windows to openopenSSL 2016-01-27 16:30:50 -05:00
Sara Dickinson 111794158c Improve Windows CA handling code 2016-01-27 12:50:16 +00:00
unknown 7e9563faed Added a wincrypt adapter to read CA trust certs from Windows CA store and feed them into openssl for TLS hostname authentication 2016-01-23 18:47:03 -05:00
Willem Toorop 24b58074bf Prevent chain checks to be performed too early 2016-01-20 13:09:18 +01:00
Willem Toorop d50860c089 Run context's event loop when doing sync requests 2016-01-20 11:10:53 +01:00
Willem Toorop ca36c879a0 Set unbound target fetch policy to on demand only 2016-01-20 10:21:05 +01:00
Willem Toorop ae2b16665b Setup getdns eventloop in libunbound 
When unbound supports this
 2016-01-19 16:52:11 +01:00
Willem Toorop 0c0868517c Remove leftover debugging printfs 2016-01-12 16:57:17 +01:00
Willem Toorop fed8cc51ed Initial TCP support for Windows 2016-01-12 16:54:42 +01:00
Willem Toorop 61c0a51ec5 Disable clearing ub_fd too (for windows) 2016-01-12 16:43:25 +01:00
Willem Toorop 2a6318afd2 Disable scheduling ub_fd() 2016-01-12 16:38:10 +01:00
Willem Toorop 4fd8d3dddd Replace mini_event extension by default_eventloop 
* default_eventloop was prototyped in getdns_query and is still in there as my_eventloop
  * It interfaces directly with the scheduling primitives of getdns.
  * It can operate entirely from stack and does not have to do
    any memory allocations or deallocations.

* Adapted configure.ac to allow libunbound to be linked with Windows
  (with the removal of winsock_event.c we have no symbol clashed anymore)

* Added STUB_TCP_WOULDBLOCK return code in stub_resolving helper functions,
  to anticipate dealing with edge triggered event loops (versus level triggered). (i.e. Windows)
 2016-01-12 15:52:14 +01:00
Willem Toorop 39f7e87f1a Get rid of unkown format specifiers on windows 2016-01-11 12:11:17 +01:00
Willem Toorop a970dd420f Deal with Windows vsnprintf behaviour 
+ a better situated DEBUG_STUB statement in getdns_query
 2016-01-10 12:29:37 +01:00
Sara Dickinson f8b041cd40 Bug fix for segmentation fault when using NULL pin. Unit test to come in later update. 2016-01-07 17:17:09 +00:00
Willem Toorop cf387ca3f2 Fixes for cross compiling 2016-01-07 15:32:23 +01:00
Willem Toorop 4d67db5b83 Bring gldns in sync with upstream unbound's sldns 2016-01-05 14:17:28 +01:00
Willem Toorop 16a82eede2 Deal with roadblock avoid. + stub-only at run time 
And make the single usage function validate_extension static
 2016-01-05 12:38:35 +01:00
Willem Toorop a58037904f Default is stub when compiling stub only 2016-01-05 12:30:58 +01:00
Sara Dickinson 1f9424ccf2 Fix output of get_api_settings functions 2016-01-05 09:25:49 +00:00
Willem Toorop f0bd64d57a Pretty print "bad_dns" list with constant names 2015-12-31 12:40:20 +01:00
Willem Toorop 03425d192d Miscellaneous Makefile issues 2015-12-31 11:53:46 +01:00
Willem Toorop 6b2d9a2d70 Unused var compile warning in certain conditions 2015-12-31 11:26:29 +01:00
Willem Toorop 08c0c4d6e4 Fixes from testing on different platforms 2015-12-30 14:39:11 +01:00
Willem Toorop 9b97eb9361 Update dependencies 2015-12-30 14:18:19 +01:00
Willem Toorop 1128ebdd54 Unit test fail with unimplemented follow_redirect 2015-12-30 14:10:36 +01:00
Willem Toorop 8c46e969d6 Notify for not implemented namespaces and ... 
follow_redirects.
 2015-12-30 13:55:45 +01:00
Willem Toorop 2a9dd53d8d Complement getdns_query documentation 
+ +specify_class extension
 2015-12-30 13:38:14 +01:00
Willem Toorop 11b0346ded Miscelaneous TSIG bugfixes 2015-12-30 12:25:58 +01:00
Willem Toorop 853bc6c150 Merge branch 'features/suffix_handling' into develop 2015-12-30 10:51:37 +01:00
Willem Toorop d85d395770 Options to getdns_query to test suffix appending 2015-12-30 10:44:08 +01:00
Willem Toorop 875ef3f9d4 Successive suffix append retries 2015-12-29 23:06:02 +01:00
Willem Toorop 89b6c04d4f First query append 2015-12-29 17:34:14 +01:00
Willem Toorop 54498cd556 Distinct between suffix and suffixes more clearly 2015-12-29 16:23:04 +01:00
Willem Toorop ebe3d361ea Returning strings does include the null byte 2015-12-29 16:17:17 +01:00
Willem Toorop 5a388386b4 Store suffixes in wireformat 2015-12-29 16:00:15 +01:00
Willem Toorop f91e263f09 Simplify _set_string functions 2015-12-29 15:57:55 +01:00
Willem Toorop f3e3e47e15 Implement bad_dns extension 2015-12-29 14:10:18 +01:00
Willem Toorop d79884f10a Replace ssize_t with int in conversion funcs tpkg 2015-12-24 16:22:38 +01:00
Willem Toorop 240b34e215 Missing file removals with distclean 2015-12-24 16:22:03 +01:00
Willem Toorop 3e2464af6d Changes that came out of portability tests 2015-12-24 15:28:12 +01:00
Willem Toorop a09a051ed5 New code, new dependencies... 2015-12-24 15:01:45 +01:00
Willem Toorop a2bdfb2f22 Merge branch 'features/windows-support' into develop 2015-12-24 14:44:18 +01:00
Willem Toorop 9d3905459e Miscellaneous fixes to compile on windows 
Also without warnings.
 2015-12-24 14:41:50 +01:00
saradickinson b777552f34 Merge pull request #131 from saradickinson/feature/pubkey-pinning 
Feature/pubkey pinning
 2015-12-24 10:13:53 +00:00
Willem Toorop caba5f19d5 Merge branch 'develop' into features/windows-support 2015-12-24 11:01:26 +01:00
Sara Dickinson f94798b237 Final mixups 2015-12-24 10:00:15 +00:00
Willem Toorop 8bde787703 Use mkstemp instead of tmpnam to eliminate warning 2015-12-24 10:50:58 +01:00
Willem Toorop 71b2a44945 Remove root_servers comment leftovers 2015-12-23 21:19:52 +01:00
Sara Dickinson 3afba25dad Update test case and changeling 2015-12-23 18:00:44 +00:00
Sara Dickinson a5027981d9 Change how the aliasing is done so the tpkg tests will pass 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor 2a50f4d2ac Set tls_auth_failed when any present authentication mechanism fails 
We used to only have hostnames available.  now we have pubkey_pinsets
available as well.

We want upstream->tls_auth_failed to be 1 when any authentication
mechanism we've been asked for fails (and also when we haven't been
given any authentication mechanism at all).
 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor 57a04f61db Allow AUTHENTICATION_REQUIRED w/o hostname when pubkey pinset is available 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor 77802808ce rename GETDNS_AUTHENTICATION_HOSTNAME with GETDNS_AUTHENTICATION_REQUIRED 2015-12-23 18:00:43 +00:00
Sara Dickinson 792ecd65b8 Add missing constant to const-info.c 2015-12-23 18:00:43 +00:00
Sara Dickinson 2ce806c05b Tinker with debug statements/comments. 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor a9eb9ccca9 Check that the pinset matches if it is configured 
if the upstream is configured to allow fallback, this will not be a
fatal error, but it will still be checked.

Future work:

 * verify any certs higher in the chain than the end-entity cert
 * deal with raw public keys
 * in the fallback case, report to the user whether the pinset match failed
 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor d09675539e Provide access to the pinsets during the TLS verification callback 
We do this by associating a getdns_upstream object with the SSL object
handled by that upstream.

This allows us to collapse the verification callback code to a single
function.

Note that if we've agreed that fallback is ok, we are now willing to
accept *any* cert verification error, not just HOSTNAME_MISMATCH.
This is fine, because the alternative is falling back to cleartext,
which would be worse.

We also always set SSL_VERIFY_PEER, since we might as well try to do
so; we'll drop the verification error ourselves if we know we're OK
with falling back.
 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor 614d317fd8 getdns_query: add -K option to attach pinsets to getdns_contexts. 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor 0d2256df09 set and return the pubkey_pinsets on the upstream resolvers 2015-12-23 17:59:50 +00:00
Daniel Kahn Gillmor b305f073fe add functions to translate between getdns_list and sha256_pin linked list 2015-12-23 17:59:50 +00:00
Daniel Kahn Gillmor 4dbe1813e4 added simple sha256 public key pinning linked list to getdns_upstream 2015-12-23 17:59:50 +00:00
Daniel Kahn Gillmor 5e64f1262b add getdns_pubkey_pinset_sanity_check() 2015-12-23 17:59:50 +00:00
Daniel Kahn Gillmor 91f04ecd5e add getdns_pubkey_pin_create_from_string() 2015-12-23 17:59:50 +00:00
Willem Toorop 29b033c14c off-by-one bugfixes 2015-12-23 17:38:36 +01:00
Willem Toorop fbae577a54 Setting of root servers 
test with

	getdns_query -f yeti.key -R yeti.hints nlnetlabs.nl A +dnssec_return_status

where yeti.key comes from:

	https://raw.githubusercontent.com/BII-Lab/Yeti-Project/master/domain/named.cache

and yeti.hints from:

	https://raw.githubusercontent.com/BII-Lab/Yeti-Project/master/domain/KSK.pub
 2015-12-23 17:15:45 +01:00
Willem Toorop 746c26dafc Update Makefile dependencies 2015-12-23 12:26:39 +01:00
Willem Toorop f9c2f96996 Fixes for miscelanous little zone parse errors 
Hopefully the tpkg test is more deterministic now too...
 2015-12-23 12:06:09 +01:00
Willem Toorop 11cd892662 Clean boundries on wireformat scans 2015-12-22 19:14:18 +01:00
Willem Toorop e4fa06a57b getdns_fp2rr_list conversion function 
+ private conversion functions that respect custom memory handlers
+ converage of more different example functions in 260-conversion-functions test package
 2015-12-22 18:37:24 +01:00
Willem Toorop 0cb513e9b7 Doc of (|_buf|_scan) style conversion funcs 
+ (|_buf|_scan) versions of most of the conversion directions.
+ mk-const-info handles new return_t's defines
 2015-12-22 16:04:43 +01:00
Willem Toorop 6519a05780 all debug config option for broadest src coverage 
With the 300 tpkg test
 2015-12-22 11:43:06 +01:00
Willem Toorop fe7a1e89e3 Constify new work 2015-12-22 11:32:15 +01:00
Willem Toorop 5bbcbb97a1 Merge branch 'develop' into features/conversion_functions 2015-12-22 11:28:27 +01:00
Willem Toorop 0a809cb7d8 Allow truncated answers to be returned 2015-12-22 10:56:20 +01:00
Willem Toorop ee2a1fbfe6 Merge branch 'features/tsig' into develop 2015-12-22 01:08:25 +01:00
Willem Toorop 8a8a017fc5 Validate received TSIG reply 2015-12-22 01:03:31 +01:00
Willem Toorop 6c1e00fc3f Send TSIG 2015-12-21 22:11:16 +01:00
Sara Dickinson f55721d261 Update unit test. Since 0 is the default, it can be set via the function. 2015-12-21 17:36:59 +00:00
Sara Dickinson 746a827baa Implement client side edns-tcp-keepalive 2015-12-21 17:05:56 +00:00
Willem Toorop 98dc4018c3 Setting & getting of tsig info per upstream 2015-12-21 12:22:59 +01:00
Sara Dickinson 91a73ab3d0 cleanup 2015-12-18 16:22:09 +00:00
Sara Dickinson 4165e874de Fix tests 2015-12-18 16:14:54 +00:00
Sara Dickinson 13ddf9ad83 Update constants 2015-12-18 16:14:54 +00:00
Sara Dickinson 3e97e1f032 Fix make file 2015-12-18 16:14:54 +00:00
Sara Dickinson c5b839bda8 remove STARTTLS 2015-12-18 16:14:54 +00:00
Willem Toorop bc2ec7cee3 Specify TSIG parameters with getdns_query 2015-12-18 15:16:48 +01:00
Willem Toorop 95e9fa1f35 Better/shorter tpkg descriptions 2015-12-18 14:09:30 +01:00
Willem Toorop 0129550130 Dependencies 2015-12-18 14:04:16 +01:00
Willem Toorop 54f3179c0e Fix libmini_event getting context's mem funcs 2015-12-18 13:57:20 +01:00
Willem Toorop c8a9da69ea Fix libuv.c dependencies 2015-12-18 13:50:17 +01:00
Willem Toorop 5663f914fb Mode debug marco's to own header 
To reduce dependency location fixes in test directory.
 2015-12-18 13:40:52 +01:00