2974 Commits

All Branches

Search

Author	SHA1	Message	Date
Willem Toorop	dd433ede68	Merge branch 'develop' into devel/spki_pinset_via_tlsa_checking	2018-01-10 14:36:43 +01:00
Willem Toorop	a746ea5e08	Dependencies	2018-01-10 14:36:33 +01:00
Willem Toorop	6b4446c7cd	Suppress compiler warnings in danessl library	2018-01-10 14:34:25 +01:00
Willem Toorop	712617e568	Dead assignment (without stub debugging)	2018-01-10 13:54:18 +01:00
Willem Toorop	7c5bdd5431	Use danessl submodule when OpenSSL version between 1.0.0 and 1.1.0	2018-01-10 12:47:14 +01:00
Jim Hague	a906710269	Add missing function sufficient to compile Stubby on Xenial and Mac. ... This includes the select and poll default event loops, some missing getdns source files and pleasingly now results in a warning-free build.	2018-01-08 18:59:54 +00:00
Jim Hague	1ecc7b3c26	Initial version of CMake build. ... This is just a basic build of the library. No options are support, and the only builds tested are Xenial and MacOS (the latter using the Brew openssl package, and so requiring -DOPENSSL_ROOT_DIR=/usr/local/Cellar/openssl/1.0.2l option on the cmake command line). Using the library is untested.	2018-01-08 15:36:35 +00:00
Willem Toorop	9e34588f19	logic error	2018-01-08 16:04:40 +01:00
Willem Toorop	546b75a9b1	libidn2 support. Thanks Paul Wouters	2018-01-08 12:54:48 +01:00
Willem Toorop	a1e5cc44a0	Add https://github.com/vdukhovni/ssl_dane submodule	2018-01-08 10:33:25 +01:00
Willem Toorop	608189710c	Log printing in getdns_query	2018-01-04 16:35:22 +01:00
Willem Toorop	2471f43dea	Less logging with successful authenticated upstreams	2018-01-04 16:15:50 +01:00
Willem Toorop	540735a956	Check pins with DANE functions when available	2018-01-04 15:58:09 +01:00
Willem Toorop	fe7d6678cf	Merge branch 'develop'	2017-12-22 12:43:06 +01:00
Willem Toorop	2ff1bf6152	Merge branch 'release/1.3.0' into develop	2017-12-22 12:42:47 +01:00
Willem Toorop	25a31e6b35	Bump version	2017-12-21 17:06:43 +01:00
Willem Toorop	03d4950470	We need to set transport list before first query ... (this needs to be reviewed...)	2017-12-21 16:49:19 +01:00
Willem Toorop	9aa1d067d2	Detect dnsmasq and skip the unit test that fails with it ... This actually resolves issue #300 Thanks Tim Rühsen and Konomi Kitten	2017-12-21 16:21:10 +01:00
Willem Toorop	aa419a88d0	Skip some more truncation issues with dnsmasq	2017-12-21 16:01:48 +01:00
Willem Toorop	81ffa2f48d	Skip test that breaks with dnsmasq ... when SKIP_DNSMASQ_ISSUE variable is test. Helps out a little with issue #300	2017-12-21 15:45:58 +01:00
Willem Toorop	0ef910b9ee	read_buf's may remain on canceled tcp requests	2017-12-21 14:53:54 +01:00
wtoorop	efb0539c15	Merge pull request #368 from getdnsapi/devel/tls_settings ... TLS settings have tls_ prefixed name	2017-12-21 14:25:01 +01:00
Willem Toorop	97cc67d026	s/CApath/tls_ca_path/g s/CAfile/tls_ca_file/g	2017-12-21 13:08:01 +01:00
wtoorop	f173f4667f	Merge pull request #367 from getdnsapi/features/set_cipher_list ... Features/set cipher list	2017-12-21 13:00:08 +01:00
Willem Toorop	ae38a29a50	Upstream specific tls_cipher_list's	2017-12-21 12:30:15 +01:00
Willem Toorop	8f88981efe	rename set_cipher_list() to set_tls_cipher_list()	2017-12-21 11:35:05 +01:00
Willem Toorop	7fe3bd6a1f	getdns_context_set_ciphers_list()	2017-12-20 13:13:02 +01:00
Willem Toorop	2bd5df4959	Update to Stubby v0.2.1	2017-12-20 09:53:11 +01:00
Willem Toorop	d35fae5038	Bump version (to 1.3.0-rc2), update ChangeLog	2017-12-20 09:43:45 +01:00
Willem Toorop	274bc9bc4a	Merge branch 'develop' into release/1.2.2	2017-12-20 09:37:56 +01:00
wtoorop	76d8f11b44	Merge pull request #366 from hardfalcon/develop ... Add support for TLS 1.3 and Chacha20-Poly1305	2017-12-20 09:36:59 +01:00
wtoorop	7b20414ee0	Merge pull request #365 from saradickinson/fix_windows_build ... Fix windows build	2017-12-19 11:25:33 +01:00
Pascal Ernster	65c7a738eb	Add support for TLS 1.3 and Chacha20-Poly1305 ... Add support for TLS 1.3 (requires OpenSSL 1.1.1) and Chacha20-Poly1305 (requires OpenSSL 1.1). Older OpenSSL versions will simply ignore ciphersuite specifications they don't understand and use the subset which they do unterstand. Note that "EECDH" does *not* select anonymous cipher suites (as opposed to "kECDHE").	2017-12-15 20:01:30 +00:00
Sara Dickinson	00d3232ba4	Fix windows build	2017-12-15 16:53:23 +00:00
Willem Toorop	ac17d4ebed	We need a specific install location for tests builds ... ... to not load default library	2017-12-14 11:53:15 +01:00
wtoorop	9c35fa1643	Merge pull request #364 from saradickinson/move_macos_script ... Update makefile because a file in Stubby was moved	2017-12-13 16:35:32 +01:00
Willem Toorop	2b5b59537f	Getting Stubby ready to merge PR #364	2017-12-13 16:33:37 +01:00
Willem Toorop	fd16d7b5eb	Bugfix in stubby.c (copy/paste error)	2017-12-13 15:59:42 +01:00
Willem Toorop	0615457dfa	Resolve constant conflict	2017-12-13 15:43:36 +01:00
Willem Toorop	9f566de65d	DNSSEC segfault issue	2017-12-13 15:41:08 +01:00
Sara Dickinson	d232353f93	Update makefile because a file in Stubby was moved	2017-12-13 14:22:52 +00:00
Willem Toorop	d7864ee0df	Stubby disabling DNSSEC validation update	2017-12-13 14:52:49 +01:00
Willem Toorop	2c66487635	Merge branch 'devel/dnssec_meta_queries' into release/1.2.2	2017-12-13 14:52:00 +01:00
Willem Toorop	5f1a2f8659	Merge branch 'features/CA_verify_locations' into release/1.2.2	2017-12-13 14:49:42 +01:00
Willem Toorop	cfeaefbe3f	Merge branch 'features/resolvconf' into release/1.2.2	2017-12-13 14:44:06 +01:00
Willem Toorop	825e2fd15f	Bump version	2017-12-13 14:42:18 +01:00
Willem Toorop	090b076d96	Zero configuration DNSSEC meta queries on existing transports ... Should fix bug #356	2017-12-13 13:08:24 +01:00
Willem Toorop	a63e5edb86	trust-anchor meta queries need to be done opportunistic too ... In anticipation of DANE authenticated upstreams	2017-12-13 12:58:24 +01:00
Willem Toorop	e691312a3f	Schedule DNSSEC meta queries against existing context	2017-12-13 12:50:03 +01:00
Willem Toorop	362d168380	no_dnssec_checking_disabled extension for internal use only	2017-12-13 12:36:02 +01:00