Willem Toorop
2e4c0928f7
Import unbound's crypto
2015-09-23 16:48:54 +02:00
Willem Toorop
fda5394540
Verify raw buffer (still with ldns)
2015-09-23 16:03:59 +02:00
Willem Toorop
8b414c8570
Sort RR's to validate
2015-09-22 12:27:17 +02:00
Willem Toorop
e47bd33ec0
Determine validation buffer size
2015-09-21 17:13:44 +02:00
Willem Toorop
bf7f44dcb7
Put rrs to validate in rrset
2015-09-21 12:59:30 +02:00
Willem Toorop
f673e12106
Memory management for _getdns_verify_rrsig
2015-09-21 12:36:41 +02:00
Willem Toorop
5db5a8b5e6
Correct some comment text
2015-09-18 09:53:27 +02:00
Willem Toorop
505bcf028b
Merge branch 'v0.3.3' into develop
2015-09-09 12:46:05 +02:00
Willem Toorop
dbc53e773d
0.3.3 quickfix release
2015-09-09 12:45:29 +02:00
Willem Toorop
bb29789d24
Merge branch 'v0.3.3' into develop
2015-09-08 12:01:08 +02:00
Willem Toorop
a543c23926
Spelling
2015-09-08 11:24:45 +02:00
Willem Toorop
84ad5850c9
get_api_information():version_string also for RCs
2015-09-08 11:20:52 +02:00
Willem Toorop
46ea366f5f
Fix dnssec validation of direct CNAME queries
...
Thanks Simson L. Garfinkel.
2015-09-08 10:52:04 +02:00
Willem Toorop
c3b59e76fa
Merge branch 'v0.3.3' into develop
2015-09-04 16:14:41 +02:00
Willem Toorop
b5ac8c1b50
Don't alter events before clearing...
2015-09-04 16:13:49 +02:00
Willem Toorop
87b7c6a834
Merge branch 'v0.3.2' into develop
2015-09-04 11:04:08 +02:00
Willem Toorop
75f1aa6ccd
Typo
2015-09-04 11:02:39 +02:00
Willem Toorop
53e23f1358
Revert "Revert "Merge pull request #112 from saradickinson/features/tls_auth""
...
This reverts commit 6d29e6044e
.
2015-09-04 10:56:30 +02:00
Willem Toorop
a3f02905b0
thread instead of a process for ub_fd() signalling
2015-09-04 10:33:08 +02:00
Willem Toorop
0e66d28be8
Set processing flag around user callbacks
...
To fix destroying contexts from user callbacks in stub mode.
The complete test suite runs in stub mode now too.
2015-09-03 15:07:29 +02:00
Willem Toorop
5f73fded75
Simplify list creation a little bit
2015-09-03 13:14:34 +02:00
Willem Toorop
b1489eac1f
One more priv_ name renamed to _
2015-09-03 13:13:57 +02:00
Willem Toorop
cbb668379f
One more string2bindata case...
2015-09-03 12:15:22 +02:00
Willem Toorop
6d13ec19cd
--with-getdns_query configure option +
...
make pub target (for signing and hashing dist tarball) +
make megaclean target (for erasing all source and git reset --hard)
2015-08-28 13:33:02 +02:00
Willem Toorop
8ca93a22de
--enable-stub-only configure option
2015-08-28 11:09:32 +02:00
Willem Toorop
d58d90752b
HAVE_LIB* only after include "config.h"
2015-08-27 14:38:23 +02:00
Willem Toorop
a8d2e489ad
Allow --without-libidn configure option
2015-08-27 14:24:01 +02:00
Willem Toorop
6d29e6044e
Revert "Merge pull request #112 from saradickinson/features/tls_auth"
...
This reverts commit d436165a88
, reversing
changes made to 7c902bf73c
.
2015-08-27 13:31:22 +02:00
Willem Toorop
55aa759730
Don't spawn extra process for recursion calls
2015-08-27 13:22:24 +02:00
Willem Toorop
6446643396
Get lines via custom eventloop
2015-08-26 22:25:42 +02:00
Willem Toorop
32e4e8fa9d
Debug custom event loop
2015-08-26 17:01:28 +02:00
Willem Toorop
4ecf6b23dc
First round of bugfixes in custom eventloop
2015-08-26 16:13:25 +02:00
Willem Toorop
c86df63b7a
Custom event loop in getdns_query
2015-08-26 14:32:46 +02:00
Willem Toorop
f312a6cfc5
Revert "plain_mem_funcs_user_arg need not be exposed"
...
This reverts commit d0ff5d8fea
.
It does need to be exposed and is used inderectly through GETDNS_MALLOC which uses MF_PLAIN which is an alias for plain_mem_funcs_user_arg.
2015-08-24 14:37:02 +02:00
Willem Toorop
d0ff5d8fea
plain_mem_funcs_user_arg need not be exposed
2015-08-24 14:15:31 +02:00
Willem Toorop
015e387ea5
Final internal symbols rename to _getdns prefix
2015-08-19 16:33:19 +02:00
Willem Toorop
b9e8455e27
Internal symbols always prefixed with _getdns
2015-08-19 16:30:15 +02:00
Willem Toorop
1f638ccd0b
Internal getdns_mini_event to _getdns_mini_event
2015-08-19 16:26:39 +02:00
Willem Toorop
fcd595298a
Rename all priv_getdns internal symbols to _getdns
2015-08-19 16:22:38 +02:00
Willem Toorop
7971152742
Make all private functions static
2015-08-19 16:15:26 +02:00
Willem Toorop
450aabefcc
Make util symbols private (i.e. prefix _getdns)
2015-08-19 16:07:01 +02:00
Willem Toorop
09492cbf46
_getdns_nsec3_hash_label without ldns
2015-08-19 15:19:02 +02:00
Willem Toorop
6350b4fad4
--without-libunbound option to configure
2015-08-19 10:47:46 +02:00
Willem Toorop
972ebf55d0
Merge branch 'features/str_without0byte' into develop
2015-08-17 16:30:54 +02:00
wtoorop
d436165a88
Merge pull request #112 from saradickinson/features/tls_auth
...
Features/tls auth
2015-08-17 12:53:38 +02:00
Willem Toorop
7c902bf73c
Fix fallback failures fix ;)
2015-08-17 12:35:10 +02:00
Sara Dickinson
dc7d7e7689
Fix openssl dependancy
2015-08-15 16:35:30 +01:00
Sara Dickinson
2404cc2c8e
Extend regression test
2015-08-15 15:27:58 +01:00
Sara Dickinson
45de1f65b3
Update docs with details of OS X certificate handling.
2015-08-15 14:40:16 +01:00
Sara Dickinson
dbad8a9003
Restrict transport list to 1 entry for each valid transport
2015-08-15 14:40:16 +01:00
saradickinson
cb1dff1ac7
Add ability to verify server certificate using hostname for TLS/STARTTLS
...
NOTE: This implementation will only work for OpenSSL v1.0.2 and later.
Doing it for earlier versions is totally insane:
https://wiki.openssl.org/index.php/Hostname_validation
2015-08-15 14:40:15 +01:00
Sara Dickinson
8beace7036
Fix location in manual test script. Add build/ to .gitignore
2015-08-15 14:36:36 +01:00
Sara Dickinson
ab60211020
Fix fallback failures. Add manual regression test script.
2015-08-12 11:42:02 +01:00
Daniel Kahn Gillmor
319a20a66c
improve documentation
...
improve the documentation of the getdns_upstream objects.
2015-07-19 12:22:10 +02:00
Willem Toorop
d52b10e703
Fix builddir/srcdir for tests
2015-07-19 12:15:28 +02:00
Willem Toorop
e91f7d53b5
Correct getdns_extra.h location for tests too
2015-07-19 11:48:24 +02:00
Willem Toorop
ac6e0b641d
rm autoconf generated files from repo
2015-07-19 11:40:03 +02:00
Willem Toorop
44b8e44c07
Fix srcdir/buildir locations for version.lo
2015-07-19 11:35:29 +02:00
Willem Toorop
e2170cb115
Fix srcdir/buildir locations
2015-07-19 11:28:42 +02:00
Willem Toorop
0c5dd59035
Fix upstream/transport array in 1 upstream dict
2015-07-19 09:43:12 +02:00
Willem Toorop
898fc15b6b
Zero size only for non-repeating remaining data
2015-07-18 18:04:11 +02:00
Willem Toorop
276e9fa5f3
Zero size only allowed for non repeating rdfs
2015-07-18 16:59:00 +02:00
Willem Toorop
9daaa1638c
One more event callback setting before clearance
2015-07-14 13:42:40 +02:00
Willem Toorop
d4e932890a
Do not reset event callbacks before clearing
2015-07-14 11:54:25 +02:00
Willem Toorop
3c80a8a1af
Check destruction of upstreams in correct way
2015-07-14 11:11:06 +02:00
Willem Toorop
587b320d95
DNS tree was upside down (wording in comments)
...
According to RFC1034 Section 4.2.1., the zone's apex is at the top and delegations at the bottom.
2015-07-14 10:49:00 +02:00
Willem Toorop
554f015931
Deschedule idle_timeouts on context destroy
2015-07-14 10:44:15 +02:00
Willem Toorop
6f21d89e2a
Lookup DS only, for no sigs INSECURE
2015-07-14 10:22:42 +02:00
Willem Toorop
a8adf662d1
Fix memory leak setting transports
2015-07-13 16:39:43 +02:00
Willem Toorop
5c61954427
Fix geting recursive_upstream_servers
2015-07-13 16:22:39 +02:00
Willem Toorop
c7d40e2cbc
Strings in bindata's without '\0' byte
2015-07-13 15:41:40 +02:00
Willem Toorop
12567f5338
Fix compiling with --enable-debug-sched
2015-07-13 11:09:56 +02:00
Willem Toorop
431415bd3d
rm debugging fprintf leftover
2015-07-10 10:18:00 +02:00
Willem Toorop
0d2f3a5bd9
functions and defines to get versions
...
About the library and the API
In both strings and in numbers
2015-07-10 00:57:58 +02:00
Willem Toorop
2884abe870
Allow alternative trust anchors + ...
...
Switch freely between stub and recursive resolving
2015-07-10 00:05:26 +02:00
Willem Toorop
4987a27264
Pretty print TLDs
2015-07-10 00:04:14 +02:00
Willem Toorop
2dab8dd4d6
Fix handling of non specific trust anchors and ...
...
unsported DS digest types
2015-07-09 23:11:56 +02:00
Willem Toorop
254699ad8b
Constants must be in searchable order
2015-07-09 23:11:28 +02:00
Willem Toorop
cacd8951ff
getdns_query -k to test for root trust anchor
...
has exit status 0 on success, 1 otherwise.
2015-07-09 23:10:22 +02:00
Willem Toorop
70857ccc74
Proper handling of system stub query timeouts
2015-07-09 23:09:39 +02:00
Willem Toorop
4135f633ac
Fix invalid memory reads
2015-07-09 15:40:00 +02:00
Willem Toorop
d9fca20f18
Update consts, symbols and dependencies
2015-07-09 14:40:13 +02:00
Willem Toorop
cea8ae4d11
[API 0.602] getdns_context_set_dns_transport_list
...
And the getdns_context_set_idle_timeout() functions.
2015-07-09 14:00:26 +02:00
Willem Toorop
ec476a9129
getdns_root_trust_anchor up in getdns.h.in
...
So it is on the same spot as where it is in the original specification.
This to ease comparing getdns.h with the API's getdns_code_only.h
2015-07-09 10:37:02 +02:00
Willem Toorop
098e0f19c4
Don't skip points zone cuts with trusted keys
...
A new keyset must be authenticated at every zone cut.
A keyset from an ancecter of the immediate zone may never be used
to authenticate RRsets within a zone.
(Review from Wouter)
2015-07-09 08:15:38 +02:00
Willem Toorop
d87d951874
set ds_signer only when actually signed
2015-07-08 17:15:27 +02:00
Willem Toorop
d4849dc0ba
Fix read of uninitialized memory
...
Not a dangerous one though, but still...
2015-07-08 15:36:39 +02:00
Willem Toorop
e8030b34d2
query_len not used
2015-07-08 15:05:40 +02:00
Willem Toorop
201b6af9a2
clang compiler warnings + 1 bug!
...
Bug is countring insecure answers in util-internal.c
found by clang warning reporting
2015-07-08 13:07:24 +02:00
Willem Toorop
2918c8b472
DSes with best digest + INSECURE on unsupportd alg
...
Adaptations to function ds_authenticates_keys.
With multiple DSes, only the ones with the highest (supported)
digest type will be used to authenticate DNSKEYs.
NO_SUPPORTED_ALGORITHMS will be returned if there were
DSes for a key in the DNSKEY set, but none of them has a supported
digest or algorithm. This leads to dnssec_status INSECURE.
2015-07-08 12:21:04 +02:00
Willem Toorop
a5bacfefcf
memory leak fixes
2015-07-08 11:07:44 +02:00
Willem Toorop
51a04f8f6c
RSAMD5 is deprecated
2015-07-08 00:18:19 +02:00
Willem Toorop
3b45255d1e
Try only closest trust anchors
2015-07-08 00:10:10 +02:00
Willem Toorop
e48b0c7fd7
INSECURE when NSEC3 iteration count too high
...
Fix from Wouter's review
2015-07-07 22:33:53 +02:00
Willem Toorop
4b53d70199
Review from Wouter minor issues
2015-07-07 14:52:32 +02:00
Willem Toorop
e571883811
Fix test for NODATA address_sync lookup
...
hampster.com no longer suitable anymore.
2015-07-07 11:46:52 +02:00
Willem Toorop
83425f959e
Review comments from Wouter
...
Thanks!
2015-07-07 11:15:38 +02:00
Willem Toorop
43980e9020
[API 0.601] CSYNC RR type
2015-07-06 14:14:46 +02:00
Willem Toorop
af23930725
CSYNC rr type
2015-07-06 12:45:08 +02:00
Willem Toorop
55444d07a2
Documentation in comments as a review guideline
2015-07-06 11:57:16 +02:00
Willem Toorop
70edb60f09
Some comment about google public dns
2015-07-04 13:14:16 +02:00
Willem Toorop
0e977ee4fb
rearrangements for documentational reasons
...
+ a fix for opt_out bug
2015-07-04 13:01:16 +02:00
Willem Toorop
7e3fbe547a
Check NSEC3 CE to be without delegations
...
(no DNAME, no NS or, if NS then also SOA)
2015-07-04 10:53:31 +02:00
Willem Toorop
f59b32414c
Three NSEC3 related things:
...
- Better checking for type bits
- NSEC3 Insecure proofs for opt-out on head's
- NSEC3 wildcard NODATA proof
2015-07-04 10:23:02 +02:00
Willem Toorop
99f0026961
Allow remaining data RDF to be zero size
...
Usefull for NSECs on empty non terminals!
2015-07-04 08:09:50 +02:00
Willem Toorop
682f10b271
NSEC3s on empty non terminals
...
bitmap might even not be present.
2015-07-04 00:08:03 +02:00
Willem Toorop
2c09ff2541
Deal with synthesized CNAMEs from DNAMEs
2015-07-03 23:44:15 +02:00
Willem Toorop
4d4f235f76
NSEC handling complete
2015-07-03 22:50:29 +02:00
Willem Toorop
a66232153a
Some more NSEC conditional checks
...
(from studying unbound code)
2015-07-03 00:44:53 +02:00
Willem Toorop
af49184fd5
A single RRSIG per RRSET in validation_chain
2015-07-02 17:30:37 +02:00
Willem Toorop
d47c533b64
getdns_validate_dnssec validate replies in turn
2015-07-02 15:31:31 +02:00
Willem Toorop
ae580575d0
Only validate NOERROR & NXDOMAIN
2015-07-02 12:59:28 +02:00
Willem Toorop
e3fe89c802
Turn on specific debugging with configure options
2015-07-02 12:49:50 +02:00
Willem Toorop
f066d5ef73
Merge branch 'features/native-stub-dnssec' into develop
...
Conflicts:
configure.ac
src/stub.c
2015-07-02 10:27:27 +02:00
Willem Toorop
6cffc4792b
Validate replies with getdns_validate_dnssec
...
You can feed it the replies_tree as the records to validate list
2015-07-02 00:25:41 +02:00
Willem Toorop
f92dd5ac0d
getdns_validate_dnssec with new DNSSEC code
2015-07-01 21:50:47 +02:00
Willem Toorop
2b3aa84337
getdns_query show output of getdns_validate_dnssec
2015-07-01 14:38:24 +02:00
Willem Toorop
41cf772fb3
Trust anchors in wireformat in context
2015-06-30 14:43:52 +02:00
Willem Toorop
996b09ba2b
Reminder for single RRSIG per RRSET return
...
With the dnssec_return_validation_chain extension
2015-06-30 00:12:30 +02:00
Willem Toorop
3cd9caa704
Evaluate DNSSEC only with stub resolution
2015-06-29 23:48:46 +02:00
Willem Toorop
8d5ac3afde
Store dnsreq->name in wire format
2015-06-29 23:32:49 +02:00
Willem Toorop
407ecffb67
dnssec_status in netreqs
2015-06-29 22:23:01 +02:00
wtoorop
93e0237273
Merge pull request #106 from saradickinson/features/transport_fixups
...
Features/transport fixups
2015-06-29 21:09:47 +02:00
Sara Dickinson
e5a80943e2
Turn fast open on by default. Fix build warning.
2015-06-29 11:54:31 +01:00
Sara Dickinson
e20d679bc8
Improve TCP close handling and sync connection closing
2015-06-29 09:09:13 +01:00
wtoorop
9ac1ea39b8
Merge pull request #105 from saradickinson/features/transport_fallback
...
Features/transport fallback
2015-06-29 09:21:31 +02:00
Willem Toorop
2b83bddd4d
More sense making parameter names for is_subdomain
2015-06-29 09:18:53 +02:00
Willem Toorop
4e45d31413
No wildcard NSEC3 check on opt-out
2015-06-28 13:41:48 +02:00
Willem Toorop
170218c350
Expand dname rdata fields before compare
2015-06-27 23:47:47 +02:00
Willem Toorop
f6c1a48b6e
Validaton of wildcard answers
2015-06-27 23:28:23 +02:00
Sara Dickinson
8c61ecd024
Finally fix problem with upstream walking that was causing intermittent crash. And fix sync idle timeouts. Again.
2015-06-26 16:14:04 +01:00
Sara Dickinson
8925fb22fc
More bug fixes and tidy up
2015-06-26 14:27:21 +01:00
Willem Toorop
0411668cb4
blah
2015-06-26 11:39:44 +02:00
Sara Dickinson
ddd90e29c5
Fix idle_timeout bug
2015-06-26 08:19:22 +01:00
Willem Toorop
fe4b7095b3
Set has_ta before unbound context initialization
2015-06-26 00:29:20 +02:00
Willem Toorop
19b79b066f
NSEC NXDOMAIN + NSEC3 denial of exist. validation
2015-06-26 00:26:40 +02:00
Sara Dickinson
cb5bbac26d
Do better with unbound transport mapping and fix problems with sync fallback
2015-06-25 20:21:00 +01:00
Willem Toorop
ea69d30e64
Validation of signed responses
...
+ start with unsigned responses (only the NSEC NOERROR case)
2015-06-25 10:04:19 +02:00
Sara Dickinson
8819d29535
Implement TCP fallback and hack for lack of sync idle timeout.
2015-06-24 18:49:34 +01:00
Sara Dickinson
c9a0ffc7a5
Improve error reporting in getdns_query.
2015-06-23 17:01:43 +01:00
Willem Toorop
c7c7884350
Generalize getdns_rrset for raw pkt, not netreq
2015-06-23 16:41:34 +02:00
Willem Toorop
1babc715b7
Init context->dnssec_trust_anchors with default
2015-06-23 16:40:47 +02:00
Sara Dickinson
c425f96e0b
Fix TLS handshake for sync messages.
2015-06-23 15:39:56 +01:00
Willem Toorop
5c01df226c
Init netreq dnssec status at netreq init time
2015-06-23 16:39:30 +02:00
Willem Toorop
3631cd658a
get_val_chain for all possible scenarios
2015-06-23 00:00:20 +02:00
Sara Dickinson
67e282edd1
More work on transport/upstream fallback. TLS and UDP fallback not working yet.... Probably need to maintain a current upstream for each transport to get this working properly
2015-06-22 18:02:28 +01:00
Sara Dickinson
57b163c790
Fix bug in STARTTLS timeout
2015-06-22 14:31:19 +01:00
Sara Dickinson
b73b5b2792
Fix some bugs...
2015-06-21 16:55:12 +01:00
Sara Dickinson
635cf9e182
Re-factor of internal handing of transport list.
2015-06-19 18:28:29 +01:00
Willem Toorop
e328f848eb
getdns_rrset and iterators
2015-06-19 18:02:16 +02:00
wtoorop
d819bc901b
Merge pull request #104 from saradickinson/features/transport_api
...
Commit addition of transport list to the API.
2015-06-18 22:02:46 +02:00
Sara Dickinson
0acdcc34b0
Changelog, idle_timeout test, formatting
2015-06-18 17:29:23 +01:00
Sara Dickinson
68dfb15706
Add context idle timeout
2015-06-18 17:11:11 +01:00
Sara Dickinson
8dd8d90e74
Commit addition of transport list to the API.
...
- set and get functions are added.
- Existing transport functions retained for backwards compatibility.
- Basic combinations work as before, but underlying functional changes and cleanup are not complete yet...
- Context level options for timeouts and max_transactions_per_tcp_connection coming soon...
2015-06-17 17:18:09 +01:00
Willem Toorop
129e340e8e
Collect validation chains for RRs without sigs
2015-06-17 14:46:44 +02:00
Willem Toorop
39639a86c4
Make dname_equal reusable
...
+ some symbol renames
2015-06-16 16:11:51 +02:00
Willem Toorop
4445a5f9cc
Include rdata size with compressed names
2015-06-12 15:45:50 +02:00
Willem Toorop
731cc37434
Another redundant ldns reference
2015-06-12 15:45:37 +02:00
Willem Toorop
97f0dddb1e
remove ldns dependency from rr-dict.c
...
Only dnssec.c left
2015-06-12 13:51:36 +02:00
Willem Toorop
ae1db39a33
Native stub validation
2015-06-11 15:40:44 +02:00
Willem Toorop
c28f6ee595
rm of superfluous ldns_rr to getdns_dict funcs
2015-06-11 12:17:47 +02:00
Willem Toorop
fd385454b4
rm a few more leftover ldns references
2015-06-11 12:04:59 +02:00
Willem Toorop
e820452aaa
Rm 2 outdated ldns usage cases
2015-06-11 11:21:12 +02:00
Willem Toorop
d5f70ab904
rm spurious execute bits +unit test to detect them
...
Thanks Paul Wouters
2015-05-26 14:16:27 +02:00
Willem Toorop
42bdaaa69d
We already redefined minievent symbols
2015-05-21 15:02:51 +02:00
Willem Toorop
f78ad93853
Update Makefile's, constants and symbols
2015-05-13 23:30:14 +02:00
Sara Dickinson
894cb1555b
Fix intermittent crash for STARTTLS
2015-05-13 17:15:56 +01:00
Willem Toorop
98b3364b65
uniform debugging method + disable stub debugging
2015-05-13 12:47:17 +02:00
Willem Toorop
011b504496
Fix misplaced freeaddrinfo
2015-05-13 12:39:24 +02:00
Willem Toorop
b89b625321
autoreconf -fi on FreeBSD to get libtool 2.4.6
2015-05-12 20:47:23 +02:00
wtoorop
802c693ee5
Merge pull request #97 from saradickinson/features/async_tls
...
Features/async tls
Thank you Sara!
2015-05-12 17:05:10 +02:00
saradickinson
3ac5e660f9
Address few minor bugs pointed out by willem
2015-05-11 22:01:31 +02:00
Willem Toorop
01d4275336
Run once with libevent!
2015-05-08 13:12:06 +02:00
Sara Dickinson
9a7bfdd45b
Add trivial stub_debug functions.
2015-05-03 15:39:21 +01:00
Sara Dickinson
9d967317d3
Improve the timeout handling for TLS.
2015-05-03 15:11:46 +01:00
Sara Dickinson
01adce8299
Organise code in stub.c and add some utility methods.
2015-05-02 18:08:45 +01:00
Sara Dickinson
d6d83b219d
Make sure UDP only uses 1 upstream per IP address. Fix a couple of other bugs.
2015-04-30 19:07:49 +01:00
Sara Dickinson
450a3bc6ff
Fix STARTTLS fallback.
2015-04-30 14:52:16 +01:00
Sara Dickinson
7905eda8b7
Some clean up of connection handling. Still a problem with STARTTLS fallback that needs fixing.
2015-04-30 12:24:13 +01:00
Sara Dickinson
79b3412fbf
Add another transport option as proof of concept for STARTTLS.
2015-04-29 19:20:25 +01:00
Sara Dickinson
b533bc59c5
Fix bug when fallback not available
2015-04-27 16:37:16 +01:00
Sara Dickinson
4e6e66fc77
Get sync messages working with new async code.
2015-04-27 15:32:57 +01:00
Sara Dickinson
3de15ad782
Change internal transport handling to use a list, not a fixed type
2015-04-24 16:29:08 +01:00
Sara Dickinson
f2ae55858f
First pass at making handshake async. Lots of issues with this code still
...
- timeouts are not being rescheduled on fallback
- several error cases are not being handled correctly (e.g. 8.8.8.8) and a user callback is not always called
- the fallback mechanism is not generic (specific to tls to tcp)
2015-04-23 17:46:31 +01:00
Willem Toorop
2a6fc74314
netinet/in.h and openssl/ssl.h from config.h
2015-04-18 22:30:56 +02:00
Willem Toorop
0ba6af3523
upstreams_cleanup from upstreams_dereference
2015-04-18 22:17:28 +02:00
Willem Toorop
84c5b67ee0
Re-enable printing of json with getdns_query
2015-04-18 09:53:50 +02:00
Willem Toorop
b26f09d1aa
autoreconf -if # For convenience...
2015-04-18 09:35:46 +02:00
Sara Dickinson
6c7ffc4e4e
1) Fix enum mapping error.
...
2) Also add detection of TLS 1.2 in openssl during configure and warn that it if not available then TLS will not be available. Using TLS_ONLY in stub mode will then error with BAD_CONTEXT. TLS/TCP will fallback to TCP.
3) Explicitly disallow use of TLS_ONLY in RECURSIVE mode since it isn't supported yet. TLS/TCP will fallback to TCP.
4) Fix for MAC OS X build where openssl not linked correctly
2015-04-17 18:38:13 +01:00
Sara Dickinson
ab4fb8d9e9
Enable GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN for libunbound. Should only be used in stub mode.
...
GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN still just does TCP.
Also some tidy up of new transport types.
2015-04-17 15:50:08 +01:00
Sara Dickinson
99c1973fae
Cleanup of TLS code
2015-04-16 18:05:51 +01:00
saradickinson
99aa79b48f
First pass at TLS implementation - needs work!
2015-04-16 18:05:27 +01:00
Willem Toorop
b163ad1870
Doxygen documentation for the new functions
2015-04-08 15:36:12 +02:00
Willem Toorop
830e0267b3
Fix ASSERT_RC macro with check_getdns
2015-04-03 00:15:32 +02:00
Willem Toorop
c63bbd1399
s/getdns_strerror/getdns_get_errorstr_by_id/g
...
In the unit tests make use of the newly exposed error string getter
2015-04-02 23:08:35 +02:00
Willem Toorop
87eb9307a7
A getter for context update callbacks
2015-04-02 22:01:30 +02:00
Willem Toorop
498dedbb8d
typo :(
2015-04-02 15:56:13 +02:00
Willem Toorop
a0aabc3543
getdns_get_errorstr_by_id replaces getdns_strerror
...
In the future maybe. Discuss on list.
2015-04-02 15:33:10 +02:00
Willem Toorop
56bb9dbbdc
Pass along a userarg with context update callbacks
2015-04-02 14:42:26 +02:00
Willem Toorop
18381e7753
Get rid of +sit option in getdns_query
2015-04-02 13:59:10 +02:00