interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,462 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

2462 Commits

Author SHA1 Message Date
Willem Toorop b4eecd59ab Merge branch 'develop' into release/1.1.0 2017-04-13 15:46:24 +02:00
Willem Toorop 02516c4079 Two last warnings 2017-04-13 15:45:59 +02:00
Willem Toorop 05268f45b0 Bump version 2017-04-13 11:48:40 +02:00
Willem Toorop eb8fe6184a getdnsapi.net DNS over TLS ips to match the name 2017-04-13 11:47:44 +02:00
Willem Toorop d5dcdac58c Validate tls_auth_name 
Deals with issue #270
 2017-04-13 11:19:22 +02:00
Willem Toorop 691d1a77e6 Fix VS Code analysis warning 
Should settle issue #239
 2017-04-13 10:59:20 +02:00
Willem Toorop eb69cc8695 Merge branch 'develop' into release/1.1.0 2017-04-13 10:50:27 +02:00
Hoda Rohani 6c4af3af93 unintiallized array 2017-04-13 09:44:08 +02:00
Willem Toorop 6026cb1450 1.1.0-rc3 2017-04-12 23:08:20 +02:00
Willem Toorop 0da79ae77a Fix to compile with libressl. Thanks phicoh. 2017-04-12 23:05:17 +02:00
wtoorop 8dd37006c7 Merge pull request #284 from Hrish1/patch-1 
Some mispelled words corrected
 2017-04-12 22:53:36 +02:00
wtoorop 0857926965 Merge pull request #283 from wtoorop/devel/doxygen 
Devel/doxygen
 2017-04-12 22:53:21 +02:00
wtoorop 9aaafd8cca Merge pull request #285 from saradickinson/feature/update_stubby.conf 
Feature/update stubby.conf
 2017-04-12 22:52:58 +02:00
Willem Toorop 8c45f1fded All remaining doxygen documentation 
Existing documentation needs to be reviewed too though...
 2017-04-12 22:50:17 +02:00
Sara Dickinson 6e66754795 Nope - just add uncensored as the yeti servers would require a different trust anchor 2017-04-12 18:19:34 +01:00
Hrish1 b5739434ef Some mispelled words corrected 2017-04-12 20:05:31 +05:30
Willem Toorop 2226c722a9 Extra context setters 2017-04-12 12:35:46 +02:00
Willem Toorop 68a87e4cee Event loop extension functions documentation 2017-04-12 11:21:25 +02:00
Willem Toorop 708e520989 Spelling fixes from Andreas Schulze 2017-04-11 23:33:24 +02:00
Willem Toorop a060e723f2 Doxygen documentation for everything in getdns.h 2017-04-11 23:29:33 +02:00
Sara Dickinson ce7ee62355 Should we update stubby.conf to include 2 of the new test servers? 2017-04-11 15:24:10 +01:00
Willem Toorop d28283a850 Merge remote-tracking branch 'upstream/develop' into devel/doxygen 2017-04-10 12:17:59 +02:00
Willem Toorop e6696d9557 getdns_context_unset_edns_maximum_udp_payload_size 2017-04-06 20:53:18 +02:00
Willem Toorop c9b3e3cf7b Allow cleanup of naked idle timeouts 2017-04-06 20:50:34 +02:00
Willem Toorop a27915ccc9 One more ChangeLog update 2017-04-06 19:47:15 +02:00
Willem Toorop 2d011e3d19 Merge branch 'features/unset_max_udp_payload_sz' into release/1.1.0 2017-04-06 19:40:35 +02:00
Willem Toorop f0ee920227 Bump version, update ChangeLog 2017-04-06 16:13:15 +02:00
wtoorop f251f8aeda Merge pull request #282 from wtoorop/bugfix/issue-272 
Bugfix/issue 272
 2017-04-06 15:55:24 +02:00
Willem Toorop c2edc94a3a Clear timeout event when getting dnssec chain 
With full recursion
 2017-04-06 15:18:12 +02:00
Willem Toorop e35a2182a9 missing #include 2017-04-06 12:24:27 +02:00
Willem Toorop 4ceec33d08 Do something about TLS renegotiation. 2017-04-06 11:46:10 +02:00
Willem Toorop e08d3592a0 Schedule timeout when collecting for dnssec chain 2017-04-06 11:20:08 +02:00
Willem Toorop f8c7d8b5d5 Network request submission and callback reporting 2017-04-05 22:43:27 +02:00
Willem Toorop 2220c1a48d Options for request debugging 2017-04-05 17:53:39 +02:00
Willem Toorop 67baa1d651 getdns_context_unset_edns_maximum_udp_payload_size 2017-04-05 12:37:48 +02:00
Willem Toorop edecca8b63 smime verification of root-anchors.xml in ~/.getdns 2017-03-27 09:21:29 -05:00
wtoorop fe49bc1c69 Merge pull request #279 from dkg/feature/padding-policy 
Implement sensible default padding policy.
 2017-03-27 08:19:31 -05:00
wtoorop d5005a8ac0 Merge pull request #278 from dkg/getdns-query-transport-cleanup 
getdns-query: S is no longer a valid transport label.
 2017-03-26 14:53:53 -05:00
Daniel Kahn Gillmor f2a90925bc getdns-query: S is no longer a valid transport label. 2017-03-26 14:38:43 -05:00
Daniel Kahn Gillmor 9de4d6537b Implement sensible default padding policy. 
This commit changes the semantics of tls_query_padding_blocksize()
slightly.  Where previously both 0 and 1 meant "no padding", this
commit changes 1 to mean "pad using a sensible policy".

At NDSS 2017's DNS privacy workshop, I presented an empirical study of
DNS padding policies:

https://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017/dns-privacy-workshop-2017-programme#session3

The slide deck is here:
https://dns.cmrg.net/ndss2017-dprive-empirical-DNS-traffic-size.pdf

The resulting recommendation from the research is that a simple
padding policy is relatively cheap and still protective of metadata
when DNS traffic is encrypted:

 * queries should be padded to a multiple of 128 octets
 * responses should be padded to a multiple of 468 octets

Since getdns is only currently doing queries over tls, we only have to
implement the first part of this policy :)
 2017-03-26 14:37:28 -05:00
Willem Toorop f4fe2cb6c5 Merge branch 'develop' into hackathon/zeroconf-dnssec 2017-03-26 10:46:50 -05:00
wtoorop 148dfabf88 Merge pull request #276 from huitema/develop 
Fixing the select and poll event loops for Windows
 2017-03-26 10:20:48 -05:00
Willem Toorop 03efb66991 Keep connections open with sync requests too 2017-03-26 10:16:25 -05:00
huitema 6f0b08a400 Fixing the select event loop so it does not give up for naked timers in Windows. 
Making sure the poll event loop works on windows.
Fixing the poll event loop so it does not give up for naked timers in Windows.
 2017-03-26 10:07:44 -05:00
Willem Toorop 8864dfce92 Merge branch 'develop' into hackathon/zeroconf-dnssec 2017-03-25 20:37:36 -05:00
Willem Toorop 007208a122 Merge branch 'develop' of github.com:getdnsapi/getdns into develop 2017-03-25 20:22:54 -05:00
Willem Toorop 9fa6ab5994 Clang pragma's with clang only 2017-03-25 20:22:34 -05:00
Melinda Shore 01eedd5ea8 Merge pull request #275 from getdnsapi/devel/cert_in_call_reporting 
Have the peer certificate in call_reporting
 2017-03-25 19:58:16 -05:00
Willem Toorop b3e5c5fb30 Merge branch 'develop' into hackathon/zeroconf-dnssec 2017-03-25 19:52:55 -05:00
Willem Toorop b7d16e3c89 One more leak 2017-03-25 17:00:02 -05:00