interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,182 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

2258 Commits

Author SHA1 Message Date
Jim Hague cd386cd917 Merge commit '26a95b5b8a213096641654c5b97976e66ec32e5d' into my-develop 
# Conflicts:
#	src/gnutls/tls.c
 2020-03-12 15:51:22 +00:00
Willem Toorop 26a95b5b8a Fix DoT with GnuTLS >= 3.6 2020-03-05 14:46:32 +01:00
Jim Hague 9baf655a7b Relax GnuTLS priority strings slightly to allow getdns to work with TLS1.3 servers. 
Now GnuTLS 3.6.5 and later are in the field, we've run into problems handshaking with TLS1.3 servers with a GnuTLS build. OpenSSL works fine. Comparing the client handshake of GnuTLS and OpenSSL, we found GnuTLS was being considerably more restrictive. This change loosens the restriction so GnuTLS presents nearly the same set of cipher and other options and OpenSSL. OpenSSL provides more signature algorithms. The change gets GetDNS working against Quad1, Quad8, Quad9 and the getdnsapi servers.
 2020-03-05 13:24:44 +00:00
Willem Toorop c234865a80 Print GnuTLS debug messages 2020-03-05 13:39:30 +01:00
Jim Hague e96e334932 Point ssl_dane submodule back at getdnsapi version. 2020-03-04 15:30:26 +00:00
Jim Hague 1328fac5ae Merge commit 'ef455471f4f1db778e7bcc58818fc780a280c16d' into develop 2020-03-04 15:13:02 +00:00
Willem Toorop ef455471f4 Work around dnsmasq issue 2020-03-04 10:57:11 +00:00
Jim Hague 822d8ad703 Revise recent lookup3.c update to restore building on Windows. 
As we're now building with CMake, and CMake can supply endianness, just insist on using that.
 2020-03-03 17:28:34 +00:00
Willem Toorop e7d435e426 Name only authentication with GNUTLS 2020-03-03 13:04:27 +00:00
Willem Toorop 9c8b70e4bc Eliminate compile error 2020-03-03 13:03:58 +00:00
Willem Toorop af46e20721 Fix reporting authentication failure 2020-03-02 15:51:46 +00:00
Willem Toorop e17ed3938c Fix: mem leak with gnutls 2020-03-02 15:12:18 +00:00
Willem Toorop 16c20fe04d
Merge pull request #462 from doublez13/develop 
Fix uninitialized value in tls_create_object
 2020-03-02 15:20:51 +01:00
Willem Toorop 3b5d1a9353 Stub only links with GNUTLS 
And valgrind check includes DoT session
 2020-03-02 15:12:33 +01:00
Willem Toorop f3a38e9a40 Sync tools shared with unbound 2020-03-02 15:11:58 +01:00
Zane Zakraisek b804b8effb Fix uninitialized value in tls_create_object 
On the first call to tls_create_object (stub.c), tls_fallback_ok is read
before being initialized. This patch initializes tls_fallback_ok to 0 in
upsteam_init (context.c)

Valgrind complains about the uninitialized value:
==14774== Conditional jump or move depends on uninitialised value(s)
==14774==    at 0x1528C3: tls_create_object (stub.c:900)
==14774==    by 0x1556AD: upstream_connect (stub.c:2065)
==14774==    by 0x15582E: upstream_find_for_transport (stub.c:2109)
==14774==    by 0x1558B7: upstream_find_for_netreq (stub.c:2130)
==14774==    by 0x156027: _getdns_submit_stub_request (stub.c:2296)
==14774==    by 0x1421C8: _getdns_submit_netreq (general.c:478)
==14774==    by 0x14261D: getdns_general_ns (general.c:636)
==14774==    by 0x142905: _getdns_general_loop (general.c:731)
==14774==    by 0x1432FB: getdns_general (general.c:888)
==14774==    by 0x118B94: incoming_request_handler (stubby.c:692)
==14774==    by 0x14F46B: udp_read_cb (server.c:762)
==14774==    by 0x15C86B: poll_read_cb (poll_eventloop.c:295)
==14774==  Uninitialised value was created by a heap allocation
==14774==    at 0x483877F: malloc (vg_replace_malloc.c:309)
==14774==    by 0x123CCF: upstreams_create (context.c:581)
==14774==    by 0x128B24: getdns_context_set_upstream_recursive_servers (context.c:2760)
==14774==    by 0x12DBFE: _getdns_context_config_setting (context.c:4646)
==14774==    by 0x12FF47: getdns_context_config (context.c:4769)
==14774==    by 0x1178C2: parse_config (stubby.c:297)
==14774==    by 0x117B24: parse_config_file (stubby.c:343)
==14774==    by 0x11919F: main (stubby.c:833)
 2020-03-01 14:13:27 -07:00
Willem Toorop fe30672afa shorten code with string conversion functions 2020-02-28 20:33:22 +01:00
Jim Hague ab49db8aa5 Tighten Nettle version checking, and fix build issue with Nettle >= 3.4. 
Nettle 3.4 introduced accessor functions for obtaining nettle_secp_256r1 and nettle_secp_384r1. Use them if present.

Fixes #458
 2020-02-25 13:30:25 +00:00
Willem Toorop d7099f6e30 Deal with DoT servers that take long to connect to 
(because they might be under attack)
 2020-02-21 14:17:00 +01:00
Willem Toorop e2c6241964 Issue #175: Include query in call_reporting dict 
Thanks Tom Pusateri
 2020-02-20 17:52:27 +01:00
Willem Toorop 56ca583fa6 Issue #407 run only offline tests 2020-02-14 16:49:45 +01:00
Willem Toorop ed36240f19 Fix test 2020-02-13 17:26:18 +01:00
Willem Toorop 6cb15939ba Issue #430: Record and guard UDP max payload size with servers. 2020-02-13 17:02:24 +01:00
Willem Toorop 971c43c659 Fix #432 answer_ipv4_address and answer_ipv6_address 
in reply and reponse dicts.
I realise we also do not have intermediate_aliases yet...
 2020-02-13 15:33:13 +01:00
Willem Toorop f33a4b2d4e More worldly changes that influenced unit testing 2020-02-12 13:23:51 +01:00
Willem Toorop 770c0a1282 Fix unit tests (for changed world) 
- Google started to respond NOTIMP on unknown RR types!
- willem.getdnsapi.net has been removed
 2020-02-12 12:28:50 +01:00
Willem Toorop 8b5c57bfcb Also clear returned netreq when result came from LOCALNAMES namespace 2019-12-20 12:42:52 +01:00
Willem Toorop 24824bb413 Not string.h but strings.h! 2019-12-20 11:23:45 +00:00
Willem Toorop 4fdf3a8b2a Stuff that came out of valgrind on FreeBSD 12 2019-12-20 11:09:24 +00:00
Willem Toorop 8da6fdb442 string.h not available on Windows 2019-12-20 11:08:32 +00:00
Willem Toorop 33633ea239 One more scan with extra argument 2019-12-20 10:46:59 +00:00
Willem Toorop 3345bb615d One more gldns_wire2str_rr_scan fix 2019-12-20 10:29:54 +00:00
Willem Toorop 8cda9816e4 Merge branch 'release/1.6.0-beta.1' of github.com:getdnsapi/getdns into release/1.6.0-beta.1 2019-12-20 09:56:08 +00:00
Willem Toorop 3ad84d0a51 Updated gldns 2019-12-20 10:55:47 +01:00
Willem Toorop 651e5f7c3f Work around FreeBSD12 FAST OPEN issue 
Before (FreeBSD 11), poll could be used to wait for the socket to
be writeable immediately. Now (since FreeBSD 12) this results in
infinite wait, so we just have to write immediately to work around
this.
 2019-12-19 15:00:53 +00:00
Willem Toorop b446bfdf11 Enable debugging symbols for better valgrind output 2019-12-19 14:56:12 +00:00
Willem Toorop 61dffd0e35 Fail eventloop test on errors 2019-12-19 12:45:47 +00:00
Willem Toorop 8b2e8c2be3 Memory leak via libunbound in FreeBSD11.3 2019-12-19 11:29:40 +00:00
Willem Toorop a78b963aa9 Make check timeout larger than getdns timeout 
- when timeout should be expected
 2019-12-19 10:44:22 +00:00
Jim Hague 489022dcb9 Some tests that use valgrind aren't flagged as such. Fix this. 2019-12-18 11:14:12 +00:00
Jim Hague 0226096974 Suppress memory leak in libunbound to get test 125 passing on Bionic. 2019-12-18 10:23:45 +00:00
Willem Toorop 52cb444065 Update all submodules with .gitattributes 2019-12-16 16:27:28 +01:00
Willem Toorop 7d2e255ead git-archive-all.sh based makedist file 2019-12-16 15:36:53 +01:00
Willem Toorop 60307d88fd
Merge pull request #447 from getdnsapi/feature/cmake 
Feature/cmake
 2019-12-16 12:33:12 +01:00
Willem Toorop 3e373ab2af Now with actual fix for multiple localhost addresses 2019-12-16 12:05:29 +01:00
Willem Toorop aafdba690d Server capabilities test, listen on single localhost IPv4 address 2019-12-16 11:54:00 +01:00
Willem Toorop 0fbe0dccc3 Debugging server capability testing 2019-12-16 11:47:40 +01:00
Willem Toorop f1ea127e7a NLnet Labs reversed space takes long to lookup... 2019-12-16 11:04:49 +01:00
Willem Toorop e2813299ee Target everything does not exist with me ... 
.. but did exist in travis???
 2019-12-13 16:19:29 +01:00
Willem Toorop 39e2c8a33e replace '//' with #ifdef 0 / #endif 
because my compiler complains about it for some reason
 2019-12-13 11:34:14 +01:00