interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,188 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

3188 Commits

Author SHA1 Message Date
Willem Toorop 73cee29f55 Make TLS Handshake timeout max 4/5th of timeout 
for the query, just like connection setup timeout was, so fallback transport have a chance too when TCP connection setup is less well detectable (as with TCP_FASTOPEN on MacOS).
 2020-03-16 14:50:59 +01:00
Jim Hague 0b01ad8e6f Merge branch 'develop' of https://github.com/getdnsapi/getdns into develop 2020-03-16 11:23:52 +00:00
Willem Toorop 3c6756d68b Issue #466: Memory leak with retrying queries 
(for examples with search paths).
Thanks doublez13.
 2020-03-13 22:31:01 +01:00
Jim Hague 3f9e0f9671 Merge branch 'my-develop' into develop 
Update Stubby and add small GnuTLS version fixup to signature selection.
 2020-03-12 16:17:08 +00:00
Jim Hague be09306567 Update Stubby to pick up latest Stubby release tag and Windows packaging details. 2020-03-12 16:13:11 +00:00
Jim Hague cd386cd917 Merge commit '26a95b5b8a213096641654c5b97976e66ec32e5d' into my-develop 
# Conflicts:
#	src/gnutls/tls.c
 2020-03-12 15:51:22 +00:00
Willem Toorop 2c51db610a
Merge pull request #465 from banburybill/develop 
Relax GnuTLS priority strings slightly to allow getdns to work with T…
 2020-03-05 14:52:55 +01:00
Willem Toorop 26a95b5b8a Fix DoT with GnuTLS >= 3.6 2020-03-05 14:46:32 +01:00
Jim Hague 0078977ada Merge branch 'develop' into my-develop 2020-03-05 13:25:24 +00:00
Jim Hague 9baf655a7b Relax GnuTLS priority strings slightly to allow getdns to work with TLS1.3 servers. 
Now GnuTLS 3.6.5 and later are in the field, we've run into problems handshaking with TLS1.3 servers with a GnuTLS build. OpenSSL works fine. Comparing the client handshake of GnuTLS and OpenSSL, we found GnuTLS was being considerably more restrictive. This change loosens the restriction so GnuTLS presents nearly the same set of cipher and other options and OpenSSL. OpenSSL provides more signature algorithms. The change gets GetDNS working against Quad1, Quad8, Quad9 and the getdnsapi servers.
 2020-03-05 13:24:44 +00:00
Willem Toorop c234865a80 Print GnuTLS debug messages 2020-03-05 13:39:30 +01:00
Willem Toorop 6972c99268
Merge pull request #464 from banburybill/develop 
Various small fixes
 2020-03-05 10:14:28 +01:00
Jim Hague 252d68e67a Update stubby. 2020-03-04 16:06:14 +00:00
Jim Hague 37e33bc7f5 Merge branch 'develop' into my-develop 2020-03-04 15:30:47 +00:00
Jim Hague e96e334932 Point ssl_dane submodule back at getdnsapi version. 2020-03-04 15:30:26 +00:00
Jim Hague 55ffca15ce Merge branch 'develop' into my-develop 2020-03-04 15:13:57 +00:00
Jim Hague 1328fac5ae Merge commit 'ef455471f4f1db778e7bcc58818fc780a280c16d' into develop 2020-03-04 15:13:02 +00:00
Willem Toorop ef455471f4 Work around dnsmasq issue 2020-03-04 10:57:11 +00:00
Jim Hague f01e7188c8 CMake libunbound fixups. 
1. ub_ctx_set_stub is in unbound.h, not unbound-events.h.
2. Only bother looking for unbound event API if enabled.
3. If building stub only, ensure all libunbound items are off. This is necessary in case we first configure without stub only, and then change to stub only.

Fixes #463
 2020-03-04 09:45:52 +00:00
Jim Hague 65f7d96678 Merge branch 'develop' into my-develop 2020-03-03 17:29:52 +00:00
Jim Hague 822d8ad703 Revise recent lookup3.c update to restore building on Windows. 
As we're now building with CMake, and CMake can supply endianness, just insist on using that.
 2020-03-03 17:28:34 +00:00
Jim Hague 2e4070a3cd Merge branch 'develop' into my-develop 2020-03-03 14:51:17 +00:00
Willem Toorop 689415971a Run all tests again 2020-03-03 13:14:45 +00:00
Willem Toorop e7d435e426 Name only authentication with GNUTLS 2020-03-03 13:04:27 +00:00
Willem Toorop 9c8b70e4bc Eliminate compile error 2020-03-03 13:03:58 +00:00
Jim Hague 38627fbb01 Merge branch 'develop' into my-develop 2020-03-03 11:30:13 +00:00
Jim Hague 3073d33560 Update stubby. 2020-03-02 18:13:47 +00:00
Willem Toorop af46e20721 Fix reporting authentication failure 2020-03-02 15:51:46 +00:00
Willem Toorop e17ed3938c Fix: mem leak with gnutls 2020-03-02 15:12:18 +00:00
Willem Toorop 1067326bd0 Merge branch 'develop' of github.com:getdnsapi/getdns into develop 2020-03-02 15:31:28 +01:00
Willem Toorop f05c0ad754 Testing GNUTLS DoT tests 2020-03-02 15:30:58 +01:00
Willem Toorop 16c20fe04d
Merge pull request #462 from doublez13/develop 
Fix uninitialized value in tls_create_object
 2020-03-02 15:20:51 +01:00
Willem Toorop f73bf0dfa5 Dependencies for travis (+ testing...) 2020-03-02 15:17:03 +01:00
Willem Toorop 3b5d1a9353 Stub only links with GNUTLS 
And valgrind check includes DoT session
 2020-03-02 15:12:33 +01:00
Willem Toorop f3a38e9a40 Sync tools shared with unbound 2020-03-02 15:11:58 +01:00
Jim Hague 5721c501c3 Point stubby at my repo. 2020-03-02 13:41:12 +00:00
Zane Zakraisek b804b8effb Fix uninitialized value in tls_create_object 
On the first call to tls_create_object (stub.c), tls_fallback_ok is read
before being initialized. This patch initializes tls_fallback_ok to 0 in
upsteam_init (context.c)

Valgrind complains about the uninitialized value:
==14774== Conditional jump or move depends on uninitialised value(s)
==14774==    at 0x1528C3: tls_create_object (stub.c:900)
==14774==    by 0x1556AD: upstream_connect (stub.c:2065)
==14774==    by 0x15582E: upstream_find_for_transport (stub.c:2109)
==14774==    by 0x1558B7: upstream_find_for_netreq (stub.c:2130)
==14774==    by 0x156027: _getdns_submit_stub_request (stub.c:2296)
==14774==    by 0x1421C8: _getdns_submit_netreq (general.c:478)
==14774==    by 0x14261D: getdns_general_ns (general.c:636)
==14774==    by 0x142905: _getdns_general_loop (general.c:731)
==14774==    by 0x1432FB: getdns_general (general.c:888)
==14774==    by 0x118B94: incoming_request_handler (stubby.c:692)
==14774==    by 0x14F46B: udp_read_cb (server.c:762)
==14774==    by 0x15C86B: poll_read_cb (poll_eventloop.c:295)
==14774==  Uninitialised value was created by a heap allocation
==14774==    at 0x483877F: malloc (vg_replace_malloc.c:309)
==14774==    by 0x123CCF: upstreams_create (context.c:581)
==14774==    by 0x128B24: getdns_context_set_upstream_recursive_servers (context.c:2760)
==14774==    by 0x12DBFE: _getdns_context_config_setting (context.c:4646)
==14774==    by 0x12FF47: getdns_context_config (context.c:4769)
==14774==    by 0x1178C2: parse_config (stubby.c:297)
==14774==    by 0x117B24: parse_config_file (stubby.c:343)
==14774==    by 0x11919F: main (stubby.c:833)
 2020-03-01 14:13:27 -07:00
Willem Toorop fe30672afa shorten code with string conversion functions 2020-02-28 20:33:22 +01:00
Willem Toorop 1b3f570792 Bump version for release 2020-02-28 15:39:53 +01:00
Willem Toorop 328903cb52
Merge pull request #459 from banburybill/release/1.6.0-rc.1 
Tighten Nettle version checking, and fix build issue with Nettle >= 3.4.
 2020-02-25 14:36:44 +01:00
Jim Hague ab49db8aa5 Tighten Nettle version checking, and fix build issue with Nettle >= 3.4. 
Nettle 3.4 introduced accessor functions for obtaining nettle_secp_256r1 and nettle_secp_384r1. Use them if present.

Fixes #458
 2020-02-25 13:30:25 +00:00
Willem Toorop e2cb4fc4ad Typo in changelog 2020-02-21 14:27:47 +01:00
Willem Toorop e3fbe4fb51 getdns-1.6.0-rc.1 2020-02-21 14:21:12 +01:00
Willem Toorop d7099f6e30 Deal with DoT servers that take long to connect to 
(because they might be under attack)
 2020-02-21 14:17:00 +01:00
Willem Toorop dadddb0d7b Detect if __func__ can be used with debugging 2020-02-20 21:09:17 +01:00
Willem Toorop 4453febf2d Build eventloop support libraries by default 
Resolves issue #169
 2020-02-20 20:25:35 +01:00
Willem Toorop e2c6241964 Issue #175: Include query in call_reporting dict 
Thanks Tom Pusateri
 2020-02-20 17:52:27 +01:00
Willem Toorop 56ca583fa6 Issue #407 run only offline tests 2020-02-14 16:49:45 +01:00
Willem Toorop ed36240f19 Fix test 2020-02-13 17:26:18 +01:00
Willem Toorop 6cb15939ba Issue #430: Record and guard UDP max payload size with servers. 2020-02-13 17:02:24 +01:00