Commit Graph

48 Commits

Author SHA1 Message Date
Sara Dickinson 00d3232ba4 Fix windows build 2017-12-15 16:53:23 +00:00
Willem Toorop e691312a3f Schedule DNSSEC meta queries against existing context 2017-12-13 12:50:03 +01:00
Willem Toorop 96ed06c6a9 Initialize context with given resolv.conf and hosts files
- getdns_context_create with set_from_os set will simply call these
  functions with the defaults

+ filechg_check is simplified somewhat (reducing memory management)
+ get OpenSSL version via get_api_information()
2017-12-12 12:24:31 +01:00
Willem Toorop 3e16075563 Test getdns_context_create2 with getdns_query 2017-11-23 12:26:40 +01:00
Willem Toorop 260416a859 Ignore SIGPIPE signal (for not suddenly stopping) 2017-11-10 10:42:17 +01:00
Willem Toorop 87879783ec Postpone dealing with upstream dereferencing issue 2017-10-18 14:33:59 +02:00
Willem Toorop eedd1a1448 Eat incoming garbage on stateful transports
Can deal with timed out queries that are answered anyway.
+ reset the upstream on failure always
  (since requests are rescheduled for fallback by upstream_failed now anyway)
2017-10-17 16:58:01 +02:00
Willem Toorop 52a4500792 Signedness error 2017-09-28 15:13:57 +02:00
Willem Toorop 078c50f1b2 fread with mingw32 compiled can return < file sz,
because it automatically converts \r\n into \n
2017-09-28 15:09:16 +02:00
Willem Toorop bf2e08e2df Move yaml config handling to Stubby 2017-09-27 12:45:13 +02:00
Willem Toorop 712f62a4c1 Things that came out of compiling on Windows 2017-09-21 11:03:38 +02:00
Jim Hague dcc6cd36c6 Merge pull request #2 from saradickinson/features/yaml
Change extension from .yaml to .yml
2017-09-13 17:56:47 +01:00
Jim Hague 80b2eacc26 Merge branch 'develop' into features/yaml 2017-09-13 16:55:11 +00:00
Sara Dickinson 8618e4b731 Change extension from .yaml to .yml 2017-09-13 17:41:16 +01:00
Sara Dickinson 8c331d580a Improve usage of getdns to make file extension clearer 2017-09-13 15:48:42 +01:00
Sara Dickinson f53e5645d9 Improve the comments about the new backoff handling.
Remove unnecessary log.
2017-09-13 10:00:56 +01:00
Jim Hague 6c95f4177d Add YAML configuration option.
Add new extra functions getdns_yaml2(dict|list|bindata|value)(). These are like their getdns_str2() counterparts, but take YAML input rather than JSON.

YAML introduces a new dependency, on libyaml. YAML can be disabled at configuration time, in which case the dependency is removed.

Modify getdns_query such that if a configuration file name includes ".yaml" it will be processed as a YAML configuration, not a JSON configuration.

Internally, getdns_yaml2*() work by passing the YAML string through a simple translation to JSON. At present, this translation assumes that configuration is the only use case, and so will error if the outer layer of the YAML input is not a map. This in effect means that at present all getdns_yaml2*() functions apart from getdns_yaml2dict() will give an error on the YAML translation to JSON.
2017-09-12 16:47:57 +01:00
Sara Dickinson 2e4e3873e4 First pass at fixing problems when connections to servers are lost.
Need to reset connection state if connections fail at setup and on read/write if there are no more messages queued.
This means we will back-off servers that fail, so we should think about using a shorter backoff default in stubby
because otherwise temporary loss of the network connection will mean having to restart stubby.
Also some minor changes to logging.
2017-09-06 11:05:08 +01:00
Willem Toorop 5a94081634 Make switch/case fallthroughs explicit
+1 fallthrough bugfix in getdns_query
2017-08-24 13:51:58 +02:00
Willem Toorop c5acb3769b Exit with error when answers were bogus 2017-07-06 21:28:34 +02:00
Willem Toorop d402603f4a Merge branch 'develop' of github.com:getdnsapi/getdns into develop 2017-07-06 12:13:30 +02:00
Willem Toorop 4478745955 No output from getdns_query to stdout except the result (unless -V is used)
Resolves issue #315
2017-07-06 12:08:09 +02:00
Sara Dickinson 28c41c3495 Move the SYNC/ASYNC response text to after the dict so the dict is the first thing output and can be parsed without stripping this text (request from user). 2017-07-06 12:03:35 +02:00
Willem Toorop 264135e799 Reintroduce timestamps and replace GETDNS_DAEMON: with STUBBY: 2017-06-28 21:09:40 +02:00
Willem Toorop 8235250fb6 Rename SYSTEM_DAEMON in LOG_UPSTREAM_STATS 2017-06-28 20:57:53 +02:00
Willem Toorop 04e554086a A configurable log function
Currently used only for DAEMON_DEBUG
2017-06-27 00:23:22 +02:00
Willem Toorop ad53010cd2 NSAP-PTR 2017-05-02 14:50:39 +02:00
Willem Toorop 708e520989 Spelling fixes from Andreas Schulze 2017-04-11 23:33:24 +02:00
Willem Toorop c9b3e3cf7b Allow cleanup of naked idle timeouts 2017-04-06 20:50:34 +02:00
wtoorop fe49bc1c69 Merge pull request #279 from dkg/feature/padding-policy
Implement sensible default padding policy.
2017-03-27 08:19:31 -05:00
Daniel Kahn Gillmor f2a90925bc getdns-query: S is no longer a valid transport label. 2017-03-26 14:38:43 -05:00
Daniel Kahn Gillmor 9de4d6537b Implement sensible default padding policy.
This commit changes the semantics of tls_query_padding_blocksize()
slightly.  Where previously both 0 and 1 meant "no padding", this
commit changes 1 to mean "pad using a sensible policy".

At NDSS 2017's DNS privacy workshop, I presented an empirical study of
DNS padding policies:

https://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017/dns-privacy-workshop-2017-programme#session3

The slide deck is here:
https://dns.cmrg.net/ndss2017-dprive-empirical-DNS-traffic-size.pdf

The resulting recommendation from the research is that a simple
padding policy is relatively cheap and still protective of metadata
when DNS traffic is encrypted:

 * queries should be padded to a multiple of 128 octets
 * responses should be padded to a multiple of 468 octets

Since getdns is only currently doing queries over tls, we only have to
implement the first part of this policy :)
2017-03-26 14:37:28 -05:00
Sara Dickinson 09df4e2d5d Fix spacing error in stubby help output 2017-02-23 13:55:43 +00:00
Willem Toorop 80219a4195 Merge branch 'bugfix/replace__FUNCTION__' into bugfix/1.1.0-alpha3/replace__FUNCTION__ 2016-12-12 14:20:31 +01:00
Willem Toorop 9d48c47980 Merge branch 'develop' into release/1.1.0-alpha3 2016-12-08 16:31:47 +01:00
Willem Toorop 8f75e4ed8d Few more things to work with CFLAGS=-Wextra 2016-12-08 15:17:27 +01:00
Willem Toorop f31b2fa233 Merge branch 'develop' into release/1.1.0-alpha3 2016-12-08 15:06:25 +01:00
Sara Dickinson 471e8725e2 Change the default profile for Stubby to use TLS then UDP/TCP
- this will only try over TLS a few times before backing off to clear text
  - but makes the default for Stubby opportunistic privacy (Willem - WDYT?)
Also use padding and ECS privacy by default for Stubby.
More debugging to help users when there are failures or fallbacks.
Also remove a few help options from Stubby that don't apply
Add -v to output version on getdns_query/stubby
2016-12-06 14:44:40 +00:00
Willem Toorop 57e2a18f94 Minor fixes to make it compile on Windows again 2016-11-03 15:35:53 +01:00
Willem Toorop 4bf93de12b More conventional function prototypes for servers 2016-11-02 13:40:02 +01:00
Willem Toorop bc70b29416 Stubby release 2016-10-19 07:30:31 -05:00
Willem Toorop 732844eeaa Correct default config 2016-10-16 09:46:02 -05:00
Willem Toorop 838375fe66 Run stubby in foreground by default 2016-10-16 05:32:05 -05:00
Willem Toorop ec04dc21ee Stubby defaults in help text 2016-10-14 10:14:38 -05:00
Willem Toorop 3d356bd35e Stubby runs in background by default 2016-10-14 09:51:17 -05:00
Willem Toorop 58b5ead67a Make stubby act as stubby 2016-10-14 08:24:25 -05:00
Willem Toorop 94292f5bc7 Merge branch 'release/v1.0.0b2' into release/v1.1.0a1 2016-07-14 16:22:53 +02:00
Willem Toorop 80ea8637d1 Recover src/tools 2016-07-14 14:50:26 +02:00