interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,271 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

161 Commits

Author SHA1 Message Date
Willem Toorop 9ecd3fde1c Privacy aware DNS Cookies 
Track source IP address in an efficient manner to make sure the same cookie will not be sent from different source IP addresses.
 2020-04-09 16:24:34 +02:00
Willem Toorop de13a0c32d Better retry on badcookie flooding prevention 2020-04-08 19:16:51 +02:00
Willem Toorop 8b62970e0c Response to BADCOOKIE extended rcode 2020-04-08 16:08:56 +02:00
Willem Toorop c1f51815ba RFE #408: "dnssec" extension requiring DNSSEC 
When this extension is set, GETDNS_DNSSEC_INDETERMINATE status will no
longer be returned.
 2018-11-30 14:20:12 +01:00
Willem Toorop e3b007a43a Issue #410: Document ownership with getdns_context_get_api_information() 
+ const for extensions and namespaces
TODO: Look at other cases that are not const for no good reason.

Thanks Stefan Bühler
 2018-11-27 16:59:47 +01:00
Willem Toorop fd5e0cdc02 Merge branch 'bugfix/388-endless-fallback-loop' into release/1.4.1 2018-03-05 11:52:36 +01:00
Willem Toorop b178f94505 Don't retry an already tried upstream 2018-03-02 15:56:00 +01:00
Daniel Kahn Gillmor 9301f8970c Fix minor spelling and formatting. 
These issues were found with the codespell tool.
 2018-02-23 14:12:11 -08:00
Jim Hague 0291e205fd Add TLS 1.3 test. 
Add a new item tls_version to call_reporting, containing the OpenSSL version string for the name of the protocol used for the connection.

The test does a normal lookup, but first sets the cipher list to TLS1.3 only ciphers. This will cause a Bad Context error at search time, so we can tell if the underlying OpenSSL library lacks TLS 1.3. The check the call reporting for a TLS version of "TLSv1.3".
 2018-01-19 15:56:40 +00:00
Willem Toorop a63e5edb86 trust-anchor meta queries need to be done opportunistic too 
In anticipation of DANE authenticated upstreams
 2017-12-13 12:58:24 +01:00
Willem Toorop 362d168380 no_dnssec_checking_disabled extension for internal use only 2017-12-13 12:36:02 +01:00
Willem Toorop f83c8e217e Decrease assumptions based on network_by_query_id 2017-10-17 13:47:29 +02:00
Willem Toorop f0f2afbca7 Fetch TA before resolve for full recursion too 2017-09-20 12:40:59 +02:00
Willem Toorop 3e6c5775ff Fetch and equip context with trust-anchors 2017-06-30 10:18:07 +02:00
Willem Toorop fb267938c3 Start with fetching root-anchors remotely 
Also lays the foundation for looking up upstreams by name and DANE authentication of upstreams.
 2017-06-28 20:35:30 +02:00
Willem Toorop 9a273cf144 Get rid of superfluous struct member query_id 2017-06-15 21:24:40 +02:00
Willem Toorop 708e520989 Spelling fixes from Andreas Schulze 2017-04-11 23:33:24 +02:00
Willem Toorop e08d3592a0 Schedule timeout when collecting for dnssec chain 2017-04-06 11:20:08 +02:00
Willem Toorop a2efd8f6c1 Report peer certificate in call_reporting 2017-03-25 19:36:20 +01:00
wtoorop 52e3d2e1b0 Merge pull request #265 from saradickinson/feature/new_settings 
Feature/new settings
 2017-03-20 22:25:52 +01:00
Willem Toorop 24abf43de1 Fit mdns code with pending dns netreqs on EMFILE 2017-03-20 21:33:19 +01:00
Willem Toorop ed0d4d044c Merge remote-tracking branch 'upstream/develop' into features/mdns-client 2017-03-20 16:42:24 +01:00
Sara Dickinson 6f7bad5d73 Add new configuration parameters for TLS back off time and connection retries 2017-03-17 17:26:18 +00:00
Willem Toorop 639239f45c Schedule dnsreqs with absolute timeout/expiry time 2017-03-13 14:20:47 +01:00
Willem Toorop de1ab4c8a4 Merge branch 'develop' into huitema-develop 2017-03-06 16:07:12 +01:00
Willem Toorop 74b1f77357 Cancel get validation chain getdns_dns_reqs 
And miscellaneous little other scheduling fixes and optimizations
 2017-02-18 13:16:25 +01:00
Willem Toorop 6ed3d77523 Cancel child validation chain dns_reqs on ... 
parent dns_req cancelation.
 2017-02-17 23:35:50 +01:00
Christian Huitema 6d3e0c7ca2 Rewrote the continuous query organization to use the LRU cache instead of an RB tree. 2017-02-14 11:30:29 -10:00
Christian Huitema 93d6f2b18f Intermediate commit, after definition of the MDNS context 2017-02-06 18:23:35 -10:00
Sara Dickinson cfc7d18c85 Ug. Fix stupid mistake with string array. 2016-12-11 16:57:52 +00:00
Sara Dickinson 7b58dc25a6 - Fix bug where a self signed cert + only a pinset would not authenticate 
- Add OARC servers with pinset only to stubby.conf
- Move Authentication strings to types_internal for use in call_debugging
- Add connection counts to call_debugging
-
 2016-12-09 17:03:41 +00:00
Willem Toorop 9d48c47980 Merge branch 'develop' into release/1.1.0-alpha3 2016-12-08 16:31:47 +01:00
Willem Toorop 39f854d2b3 Fixes for pedantic warnings 2016-12-08 16:27:43 +01:00
Willem Toorop f31b2fa233 Merge branch 'develop' into release/1.1.0-alpha3 2016-12-08 15:06:25 +01:00
Willem Toorop 473da8966b Library fixed for CFLAGS=-Wextra 2016-12-08 14:05:58 +01:00
Willem Toorop 47e718eeb8 OpenSSL 1.1 support 2016-10-13 23:04:50 +02:00
Sara Dickinson fdbefa17ec Add timer for back off on upstream (use 1 hr). Reset as new upstream when re-instated. 2016-08-05 17:25:27 +01:00
Sara Dickinson a1461d51ec Add abbreviated logging mode for daemon 2016-08-05 14:10:55 +01:00
Sara Dickinson 5e1575dabc Correct the logic for upstream back off 2016-07-04 17:02:18 +01:00
Sara Dickinson 8fa84c836a Initial re-work of stateful transport selection and timeout/error handling. Also update transport test to avoid timeout. 2016-07-04 17:02:14 +01:00
Sara Dickinson d3309e89e8 Initial pass at updating Doxygen modules for getdns.h. Also add info on using context_create multithreaded. 
- this is a rough first pass at making the oxygen Modules page more consistent and user navigable
  as a handy index into getdns
- I think a further re-org is needed in a later update, also haven't touched getdns_extra.h yet
- Added a few functions descriptions too, but still many functions without comments... a WIP
- Updated man page for context_create with multi-threaded instructions as a short term fix
 2016-06-25 18:09:56 +01:00
wtoorop a435932b04 Features/call reporting timeout (#1) 
* Timed out and canceled netreqs are finished too

* Minor code duplication elemination

* Blah typo

* Embarrassing logic error
 2016-06-23 14:02:55 +02:00
Robert Groenenberg 3634fff4dd Return call_reporting info in case of timeout, so that we can see 
which server did not respond.
 2016-06-20 18:39:15 +02:00
Willem Toorop 8fc89d01cb Post devel/scheduling_bug_detection merge cleanups 2016-04-22 14:43:17 +02:00
Willem Toorop af8e27f059 Merge branch 'devel/scheduling_bug_detection' into features/canonical_dnssec_chain 2016-04-22 14:42:25 +02:00
Willem Toorop d61e64c9c7 Fix callbacks during scheduling in DNSSEC code too 2016-04-22 14:09:18 +02:00
Willem Toorop 15271d0438 Account for callbacks fired during scheduling 2016-04-21 15:16:38 +02:00
Willem Toorop 4849329818 dnssec_return_full_validation_chain extension 
That also returns all records that had to be proofed secure in canonical form in the "validation_chain".
 2016-04-18 22:06:12 +02:00
Willem Toorop da577a463d set upstream loop to the sync loop for sync reqs 
And reset to the async loop when sync request was finished, rescheduling the upstream->event.
Note that finished_event is scheduled against the async loop always.
 2016-04-11 14:49:44 +02:00
Willem Toorop 4298e7dce6 Merge branch 'devel/no-sync-side-effects' into release/v1.0.0beta 2016-03-24 16:52:49 +01:00