interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,035 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

354 Commits

Author SHA1 Message Date
Willem Toorop 5b832e457c Allow dns_root_servers to be given by bindata too 2016-05-23 15:53:36 +02:00
Willem Toorop 14a950bc29 getdns_query -C for settings via config file 2016-05-22 15:35:32 +02:00
Sara Dickinson 84d6da8ef6 Fix ups after Willems review 2016-05-20 16:01:23 +01:00
Willem Toorop e8db20a722 Merge branch 'develop' into features/create_dict_with_json 2016-05-20 15:04:08 +02:00
Sara Dickinson 98d636b99d Updates to unit tests and tpkg 2016-05-16 17:56:48 +01:00
Sara Dickinson 5f225d6be3 Add TLS session resumption 2016-05-16 17:41:55 +01:00
Willem Toorop 5085af0d28 Abit more leniency in what to accept for upstreams 
address_type no longer necessary
instead of address dicts, just bindata is now also ok
 2016-05-03 14:52:30 +02:00
Willem Toorop a8dbb3dd51 Static checking fixes 2016-04-29 12:00:17 +02:00
Willem Toorop c53b15bd9a target-fetch-policy only with unbound-event-api 2016-03-31 07:49:40 -03:00
Willem Toorop c9fab8c242 target-fetch-policy for more resilient recursion 2016-03-30 10:56:46 -03:00
wtoorop 4e0073ae6f Merge pull request #157 from gmadkat/develop 
Added code to read the domain from the registry and use it if search …
 2016-03-29 16:13:04 +02:00
gmadkat af7f384cf3 Added code to read the domain from the registry and use it if search suffixes are missing 2016-03-27 22:37:54 -07:00
Melinda Shore 1f45bf7e43 Merge pull request #154 from wtoorop/devel/no-sync-side-effects 
No more side effects with synchronous calls
 2016-03-24 10:53:05 -08:00
Melinda Shore 4b033c766b Merge pull request #156 from wtoorop/devel/std-suffix-handling 
Devel/std suffix handling
 2016-03-24 10:52:36 -08:00
Willem Toorop fdd3992f65 openssl 1.1 support 2016-03-24 14:02:18 +01:00
Willem Toorop e7c77290cc GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST 2016-03-23 23:27:27 +01:00
Willem Toorop b0ecda5d2e No more side effects with synchronous calls 
(and upstreams that keep connections open)
 2016-03-23 22:13:31 +01:00
Willem Toorop e934c100a2 Merge branch 'develop' into devel/codebase-maintenance 2016-03-22 13:22:13 +01:00
gmadkat 5d2a05f5e0 Added search suffix for Windows from registry 2016-03-21 21:10:57 -07:00
Willem Toorop 90beaaff1d Use non-copying list_append_this_dict 2016-03-21 14:56:09 +01:00
Willem Toorop 4551f0850b Use non-copying dict_set_list 2016-03-21 12:50:43 +01:00
Willem Toorop 6f157854ce Use non-copying dict_set_dict 2016-03-21 11:55:21 +01:00
Sara Dickinson c1f15fc0ac Minor tweaks 2016-03-18 12:02:40 +00:00
Sara Dickinson c08371ebb0 First pass at updating DEBUG_STUB output 2016-03-18 11:34:51 +00:00
Willem Toorop ab742b34b6 Miscelaneous scheduling fixes and improvements 2016-03-17 16:49:05 +01:00
Melinda Shore cf451d2b2b Merge pull request #146 from wtoorop/devel/direct_root_servers 
Devel/direct root servers
 2016-03-14 20:06:07 -08:00
Melinda Shore 4b5c61145a Merge pull request #144 from wtoorop/devel/default_eventloop 
Devel/default eventloop
 2016-03-14 20:02:57 -08:00
Willem Toorop d938c433ab Set root servers without temporary file 2016-03-14 11:33:06 +01:00
Willem Toorop a83c54387d Reuse sync eventloop per context 
So recursive resolution can depend on and continue with outstanding queries it depends on
 2016-03-09 11:16:19 +01:00
Willem Toorop 70cc65f786 Replace default append_name setting 
to GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE
 2016-03-09 10:37:05 +01:00
Willem Toorop 4230961e9f Basic usage of unbound pluggable event loop 2016-03-01 16:29:37 +01:00
Willem Toorop 6fd05675aa Fix memory leak with getdns_get_api_information() 
Thanks Robert Groenenberg.
 2016-02-26 12:24:45 +01:00
Willem Toorop e6f5cdb45b Merge branch 'develop' into devel/default_eventloop 2016-02-04 15:17:25 +01:00
wtoorop 60be402062 Merge pull request #139 from ln5/parsing-resolvconf 
Don't treat "domain" or "search" as a nameserver.
Thank you Linus
 2016-02-04 10:06:40 +01:00
Linus Nordberg 466302131e Don't treat "domain" or "search" as a nameserver. 
Continue the while fgets() loop as soon as we're done with "domain" or
"search".

Simplify the logic of the function by removing the if else constructs.
 2016-02-03 14:57:09 +01:00
unknown db4207f60d More review changes and made comments C style, req Willem. 2016-02-01 11:02:24 -05:00
unknown 170795ad06 More review changes and made comments C style, req Willem. 2016-02-01 10:56:45 -05:00
unknown f5290b6a68 add change from Sara to return if a cert conversion or add to store fails 2016-01-31 00:13:09 -05:00
unknown 504881fc6f Minor fixes to compile and run the CA trust store adapter from Windows to openopenSSL 2016-01-27 16:30:50 -05:00
Sara Dickinson 111794158c Improve Windows CA handling code 2016-01-27 12:50:16 +00:00
unknown 7e9563faed Added a wincrypt adapter to read CA trust certs from Windows CA store and feed them into openssl for TLS hostname authentication 2016-01-23 18:47:03 -05:00
Willem Toorop ca36c879a0 Set unbound target fetch policy to on demand only 2016-01-20 10:21:05 +01:00
Willem Toorop ae2b16665b Setup getdns eventloop in libunbound 
When unbound supports this
 2016-01-19 16:52:11 +01:00
Willem Toorop 2a6318afd2 Disable scheduling ub_fd() 2016-01-12 16:38:10 +01:00
Willem Toorop 4fd8d3dddd Replace mini_event extension by default_eventloop 
* default_eventloop was prototyped in getdns_query and is still in there as my_eventloop
  * It interfaces directly with the scheduling primitives of getdns.
  * It can operate entirely from stack and does not have to do
    any memory allocations or deallocations.

* Adapted configure.ac to allow libunbound to be linked with Windows
  (with the removal of winsock_event.c we have no symbol clashed anymore)

* Added STUB_TCP_WOULDBLOCK return code in stub_resolving helper functions,
  to anticipate dealing with edge triggered event loops (versus level triggered). (i.e. Windows)
 2016-01-12 15:52:14 +01:00
Willem Toorop 39f7e87f1a Get rid of unkown format specifiers on windows 2016-01-11 12:11:17 +01:00
Willem Toorop 16a82eede2 Deal with roadblock avoid. + stub-only at run time 
And make the single usage function validate_extension static
 2016-01-05 12:38:35 +01:00
Sara Dickinson 1f9424ccf2 Fix output of get_api_settings functions 2016-01-05 09:25:49 +00:00
Willem Toorop 08c0c4d6e4 Fixes from testing on different platforms 2015-12-30 14:39:11 +01:00
Willem Toorop 8c46e969d6 Notify for not implemented namespaces and ... 
follow_redirects.
 2015-12-30 13:55:45 +01:00
Willem Toorop 11b0346ded Miscelaneous TSIG bugfixes 2015-12-30 12:25:58 +01:00
Willem Toorop 875ef3f9d4 Successive suffix append retries 2015-12-29 23:06:02 +01:00
Willem Toorop 89b6c04d4f First query append 2015-12-29 17:34:14 +01:00
Willem Toorop 54498cd556 Distinct between suffix and suffixes more clearly 2015-12-29 16:23:04 +01:00
Willem Toorop ebe3d361ea Returning strings does include the null byte 2015-12-29 16:17:17 +01:00
Willem Toorop 5a388386b4 Store suffixes in wireformat 2015-12-29 16:00:15 +01:00
Willem Toorop 3e2464af6d Changes that came out of portability tests 2015-12-24 15:28:12 +01:00
Willem Toorop a2bdfb2f22 Merge branch 'features/windows-support' into develop 2015-12-24 14:44:18 +01:00
Willem Toorop 9d3905459e Miscellaneous fixes to compile on windows 
Also without warnings.
 2015-12-24 14:41:50 +01:00
saradickinson b777552f34 Merge pull request #131 from saradickinson/feature/pubkey-pinning 
Feature/pubkey pinning
 2015-12-24 10:13:53 +00:00
Willem Toorop caba5f19d5 Merge branch 'develop' into features/windows-support 2015-12-24 11:01:26 +01:00
Willem Toorop 8bde787703 Use mkstemp instead of tmpnam to eliminate warning 2015-12-24 10:50:58 +01:00
Willem Toorop 71b2a44945 Remove root_servers comment leftovers 2015-12-23 21:19:52 +01:00
Daniel Kahn Gillmor 77802808ce rename GETDNS_AUTHENTICATION_HOSTNAME with GETDNS_AUTHENTICATION_REQUIRED 2015-12-23 18:00:43 +00:00
Daniel Kahn Gillmor 0d2256df09 set and return the pubkey_pinsets on the upstream resolvers 2015-12-23 17:59:50 +00:00
Daniel Kahn Gillmor 4dbe1813e4 added simple sha256 public key pinning linked list to getdns_upstream 2015-12-23 17:59:50 +00:00
Willem Toorop fbae577a54 Setting of root servers 
test with

	getdns_query -f yeti.key -R yeti.hints nlnetlabs.nl A +dnssec_return_status

where yeti.key comes from:

	https://raw.githubusercontent.com/BII-Lab/Yeti-Project/master/domain/named.cache

and yeti.hints from:

	https://raw.githubusercontent.com/BII-Lab/Yeti-Project/master/domain/KSK.pub
 2015-12-23 17:15:45 +01:00
Willem Toorop fe7a1e89e3 Constify new work 2015-12-22 11:32:15 +01:00
Willem Toorop 5bbcbb97a1 Merge branch 'develop' into features/conversion_functions 2015-12-22 11:28:27 +01:00
Willem Toorop ee2a1fbfe6 Merge branch 'features/tsig' into develop 2015-12-22 01:08:25 +01:00
Sara Dickinson 746a827baa Implement client side edns-tcp-keepalive 2015-12-21 17:05:56 +00:00
Willem Toorop 98dc4018c3 Setting & getting of tsig info per upstream 2015-12-21 12:22:59 +01:00
Sara Dickinson 13ddf9ad83 Update constants 2015-12-18 16:14:54 +00:00
Sara Dickinson c5b839bda8 remove STARTTLS 2015-12-18 16:14:54 +00:00
Willem Toorop 5663f914fb Mode debug marco's to own header 
To reduce dependency location fixes in test directory.
 2015-12-18 13:40:52 +01:00
Willem Toorop a2e15a169d Revert syntactic/style changes 
So actual changes aren't obfuscated
 2015-12-17 12:37:33 +01:00
Willem Toorop d67949d1e7 iterators go over const wireformat data 2015-12-07 16:43:41 +01:00
unknown 22a8550caa Bug fix in get_os_defaults, clean up code in winsock_event, add code to handle event handling differences in Winsock2 2015-12-04 16:12:43 -05:00
unknown 2d58ed465c Changes for Windows, Fix configure.ac to take in a winsock option to configure and generafigure, add ifdef's to stub out windows code for other platforms. 2015-11-22 22:38:13 -05:00
Sara Dickinson d75ba83013 Fix bug with call_debugging reporting of UDP and add a getter for tls_authentication 2015-11-13 13:28:43 +00:00
Willem Toorop 1bb2daff1e ub_setup_recursing not used without libunbound 2015-11-11 14:03:16 +01:00
Willem Toorop c7f4fc3625 Fix disabling roadblock avoidance with configure 2015-11-05 07:43:33 +09:00
Willem Toorop 8a6f7d5b90 Merge branch 'develop' into features/dnssec_roadblock_avoidance 2015-11-04 17:49:21 +09:00
Daniel Kahn Gillmor b3128652f4 add tls_query_padding_blocksize property for getdns_context 
This is a parameter to the getdns_context that tells the context how
much to pad queries that go out over TLS.

It is not yet functional in this commit, but the idea is to pad each
outbound query over TLS to a multiple of the requested blocksize.

Because we only have a set amount of pre-allocated space for dynamic
options (MAXIMUM_UPSTREAM_OPTION_SPACE), we limit the maximum
padding blocksize.

This is a simplistic padding policy.  Suggestions for improved padding
policies are welcome!
 2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor df3725e635 added edns_client_subnet_private to getdns_context 
https://tools.ietf.org/html/draft-ietf-dnsop-edns-client-subnet-04

Using the above spec, an intermediate resolver may forward a chunk of
the client's IP address to the authoritative resolver.

Setting edns_client_subnet_private to a getdns_context in stub mode
will indicate to the next-hop recursive resolver that the client
wishes to keep their address information private.
 2015-11-01 15:49:50 +09:00
Willem Toorop b062974fb1 ub_setup_recursion also for non roadblock avoidance 2015-11-01 15:48:31 +09:00
Daniel Kahn Gillmor 3e90795680 enable talking to servers with ECDSA certs 
There is no clear reason to reject servers that don't have RSA certs.
We should accept ECDSA certs as well.

(also, clean up comments about opportunistic TLS)
 2015-11-01 15:47:03 +09:00
Willem Toorop af6947cbb3 Merge branch 'develop' into features/dnssec_roadblock_avoidance 2015-11-01 15:34:21 +09:00
Willem Toorop 8b9041325b Bugfix don't grow upstreams memory 
upstreams have internal references and cannot be realloc'ed easily
 2015-11-01 15:23:26 +09:00
Willem Toorop ae2cc39a36 Full roadblock avoidance functionality 2015-11-01 12:28:43 +09:00
Willem Toorop de59b700ce Fix libidn really absent + NetBSD fixes 2015-10-29 19:13:39 +01:00
Willem Toorop 973fcbddcc Don't assume mini_event loop 2015-10-22 14:38:34 +02:00
Willem Toorop 47b77c948a Fix small memory leak when switching event loops 2015-10-22 14:16:53 +02:00
Willem Toorop fbc3b2d6a8 Use the NOT_IMPLEMENTED return code! 2015-10-22 12:13:40 +02:00
Willem Toorop b88c74b4c8 Synchronize with October 2015 spec 2015-10-22 12:02:04 +02:00
Sara Dickinson b74c62066c Cleanup 2015-10-16 18:31:57 +01:00
Sara Dickinson 689447509a Change port used for TLS to 853 2015-10-16 17:00:14 +01:00
Sara Dickinson 28ffb2fdf6 Add ls_authentication to API 2015-10-16 17:00:14 +01:00
Sara Dickinson 6b4ee4ed31 Block authenticated requests on unauthenticated connection 2015-10-16 17:00:14 +01:00
Sara Dickinson af617e92a7 Implement authenticaiton fallback on a given upstream (needs more work). Also need API option to set auth requirement. 2015-10-16 17:00:14 +01:00