interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,387 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

283 Commits

Author SHA1 Message Date
Willem Toorop b9f8f94361 Update ChangeLog and check versions 2015-11-11 12:40:23 +01:00
wtoorop 7230031c0a Merge pull request #119 from dkg/ietf94-privacy-hackathon 
Thank you dkg!  Great work!

Interestingly you've put the configuration of those two features at "context" level.  Since both options (just like cookies) relate to upstreams, I think they should be configurable per upstream as well  (perhaps using the context settings as the defaults, over-loadable by those upstream options).  With my cookie implementation, I've implemented activation with an extension, but cookies also relate to upstreams, so perhaps they should be enableable per upstream as well (and have a global over-loadable setting in context).

Cheers,
-- Willem
 2015-11-02 16:26:25 +09:00
Gowri 1bccd56244 Name change on test server certificate 2015-11-02 03:05:17 +01:00
Daniel Kahn Gillmor c322a8a330 add -P flag to getdns_query for EDNS padding policy 2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor b3128652f4 add tls_query_padding_blocksize property for getdns_context 
This is a parameter to the getdns_context that tells the context how
much to pad queries that go out over TLS.

It is not yet functional in this commit, but the idea is to pad each
outbound query over TLS to a multiple of the requested blocksize.

Because we only have a set amount of pre-allocated space for dynamic
options (MAXIMUM_UPSTREAM_OPTION_SPACE), we limit the maximum
padding blocksize.

This is a simplistic padding policy.  Suggestions for improved padding
policies are welcome!
 2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor 8291cdb455 add -c flag for EDNS Client Subnet privacy to getdns_query 2015-11-01 15:49:56 +09:00
Daniel Kahn Gillmor 05585281eb add test for context update callback for edns_client_subnet_private 2015-11-01 15:49:56 +09:00
Willem Toorop fb6642d6a5 Print response dict when there is one 2015-10-31 17:59:14 +09:00
Willem Toorop 9ce441e59a --enable-debug-sched for getdns_query too 2015-10-31 16:24:49 +09:00
Willem Toorop 8c3d348f05 Help text typo 2015-10-27 16:43:25 +01:00
Willem Toorop 98a2c497d2 ldns CFLAGS for tests (+ make deps) 2015-10-22 13:46:23 +02:00
Willem Toorop b88c74b4c8 Synchronize with October 2015 spec 2015-10-22 12:02:04 +02:00
Willem Toorop 7647005285 Report memory errors in json-pointers test 2015-10-21 16:01:16 +02:00
Willem Toorop 3cc44ffcb1 Merge remote-tracking branch 'sara/feature/tls_auth_api' into features/tls_auth_api 2015-10-21 15:34:57 +02:00
Sara Dickinson 3be47edbb3 More cleanup 2015-10-16 18:40:33 +01:00
Sara Dickinson b74c62066c Cleanup 2015-10-16 18:31:57 +01:00
Sara Dickinson 28ffb2fdf6 Add ls_authentication to API 2015-10-16 17:00:14 +01:00
Sara Dickinson af617e92a7 Implement authenticaiton fallback on a given upstream (needs more work). Also need API option to set auth requirement. 2015-10-16 17:00:14 +01:00
Sara Dickinson e710286e45 Start work on better authentication 2015-10-16 16:57:13 +01:00
Willem Toorop d0a80925c2 Bugfixes for setting with json pointers 
+ scratchpad for developing/debugging
 2015-10-08 12:54:30 +02:00
Willem Toorop 7bf481d812 ldns still (but only) needed for unit tests 2015-09-28 11:44:39 +02:00
Willem Toorop 53e23f1358 Revert "Revert "Merge pull request #112 from saradickinson/features/tls_auth"" 
This reverts commit 6d29e6044e.
 2015-09-04 10:56:30 +02:00
Willem Toorop 0e66d28be8 Set processing flag around user callbacks 
To fix destroying contexts from user callbacks in stub mode.
The complete test suite runs in stub mode now too.
 2015-09-03 15:07:29 +02:00
Willem Toorop 6d13ec19cd --with-getdns_query configure option + 
make pub target (for signing and hashing dist tarball) +
make megaclean target (for erasing all source and git reset --hard)
 2015-08-28 13:33:02 +02:00
Willem Toorop 6d29e6044e Revert "Merge pull request #112 from saradickinson/features/tls_auth" 
This reverts commit d436165a88, reversing
changes made to 7c902bf73c.
 2015-08-27 13:31:22 +02:00
Willem Toorop 55aa759730 Don't spawn extra process for recursion calls 2015-08-27 13:22:24 +02:00
Willem Toorop 6446643396 Get lines via custom eventloop 2015-08-26 22:25:42 +02:00
Willem Toorop 32e4e8fa9d Debug custom event loop 2015-08-26 17:01:28 +02:00
Willem Toorop 4ecf6b23dc First round of bugfixes in custom eventloop 2015-08-26 16:13:25 +02:00
Willem Toorop c86df63b7a Custom event loop in getdns_query 2015-08-26 14:32:46 +02:00
Willem Toorop b9e8455e27 Internal symbols always prefixed with _getdns 2015-08-19 16:30:15 +02:00
Sara Dickinson 2404cc2c8e Extend regression test 2015-08-15 15:27:58 +01:00
saradickinson cb1dff1ac7 Add ability to verify server certificate using hostname for TLS/STARTTLS 
NOTE: This implementation will only work for OpenSSL v1.0.2 and later.
Doing it for earlier versions is totally insane:

  https://wiki.openssl.org/index.php/Hostname_validation
 2015-08-15 14:40:15 +01:00
Sara Dickinson 8beace7036 Fix location in manual test script. Add build/ to .gitignore 2015-08-15 14:36:36 +01:00
Sara Dickinson ab60211020 Fix fallback failures. Add manual regression test script. 2015-08-12 11:42:02 +01:00
Willem Toorop d52b10e703 Fix builddir/srcdir for tests 2015-07-19 12:15:28 +02:00
Willem Toorop e91f7d53b5 Correct getdns_extra.h location for tests too 2015-07-19 11:48:24 +02:00
Willem Toorop cacd8951ff getdns_query -k to test for root trust anchor 
has exit status 0 on success, 1 otherwise.
 2015-07-09 23:10:22 +02:00
Willem Toorop 201b6af9a2 clang compiler warnings + 1 bug! 
Bug is countring insecure answers in util-internal.c
found by clang warning reporting
 2015-07-08 13:07:24 +02:00
Willem Toorop a5bacfefcf memory leak fixes 2015-07-08 11:07:44 +02:00
Willem Toorop e571883811 Fix test for NODATA address_sync lookup 
hampster.com no longer suitable anymore.
 2015-07-07 11:46:52 +02:00
Willem Toorop f066d5ef73 Merge branch 'features/native-stub-dnssec' into develop 
Conflicts:
	configure.ac
	src/stub.c
 2015-07-02 10:27:27 +02:00
Willem Toorop 6cffc4792b Validate replies with getdns_validate_dnssec 
You can feed it the replies_tree as the records to validate list
 2015-07-02 00:25:41 +02:00
Willem Toorop 2b3aa84337 getdns_query show output of getdns_validate_dnssec 2015-07-01 14:38:24 +02:00
Sara Dickinson cb5bbac26d Do better with unbound transport mapping and fix problems with sync fallback 2015-06-25 20:21:00 +01:00
Sara Dickinson 8819d29535 Implement TCP fallback and hack for lack of sync idle timeout. 2015-06-24 18:49:34 +01:00
Sara Dickinson c9a0ffc7a5 Improve error reporting in getdns_query. 2015-06-23 17:01:43 +01:00
Sara Dickinson c425f96e0b Fix TLS handshake for sync messages. 2015-06-23 15:39:56 +01:00
Sara Dickinson b73b5b2792 Fix some bugs... 2015-06-21 16:55:12 +01:00
Sara Dickinson 635cf9e182 Re-factor of internal handing of transport list. 2015-06-19 18:28:29 +01:00