interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,927 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

332 Commits

Author SHA1 Message Date
Jim Hague ee6bc7d978 Remove development test erroneously checked in. 2019-01-15 12:39:02 +00:00
Jim Hague 9e4add2219 Merge branch 'develop' into feature/abstract-tls 2019-01-14 19:15:53 +00:00
Jim Hague 3fe0c94357 Merge branch 'develop' into feature/abstract-tls 2019-01-14 19:09:20 +00:00
Jim Hague 51cb570809 Re-add support for OpenSSL prior to 1.1, but now require at least 1.0.2 and drop LibreSSL support. 2019-01-11 11:16:48 +00:00
Willem Toorop 35077bdc6d Update ChangeLog & bumb version 2019-01-11 12:08:38 +01:00
Willem Toorop 4be406ce1f Bump version 2018-12-21 15:40:13 +01:00
Jim Hague bf011d9294 Add GnuTLS DANE library to configure detection when using GnuTLS. 2018-12-11 18:02:03 +00:00
Willem Toorop ab700e70fe DNS Cookies with libnettle too 2018-12-11 15:13:17 +01:00
Willem Toorop a6ab7ffe41 ed25519 and ecdsa support with libnettle 2018-12-11 15:05:09 +01:00
Jim Hague c6dffa1239 Add use of libnettle, and enable val_secalgo routines from existing Nettle implementation. 
Link to the openssl val_secalgo implementation and use that, after adjusting the source of Nettle includes.

GnuTLS uses Nettle itself, so this is not adding a new dependency.
 2018-12-06 10:41:58 +00:00
Willem Toorop 46f0b06f24 Start release processes for getdns-1.5.0 2018-12-04 14:17:20 +01:00
Willem Toorop c80aa72725 ED25519 & ED448 support 2018-12-03 15:35:03 +01:00
Willem Toorop 390e383a1a ED25519 & ED448 DNSSEC validation support 2018-12-03 14:33:21 +01:00
Jim Hague 27a7e4e28f Attempt minimal autoconf changes to use GnuTLS instead of OpenSSL. 
I could waste the rest of the available time trying to turn configure.ac into something that cleanly ignores OpenSSL, uses GnuTLS instead and retains all the options. Or even better scrap the whole autoconf mess and start again.

But in the interests of prototyping, do something quick and dirty. This means GnuTLS must for now be configured thus:

$ CFLAGS="-g" ../configure --enable-stub-only --with-gnutls --disable-gost --disable-ecdsa --disable-edns-cookies

to evade other items with hardcoded OpenSSL checks in them.
 2018-11-23 17:49:06 +00:00
Willem Toorop 1904ee7318 Enhancement getdnsapi/stubby#56 & getdnsapi/stubby#130 
Configurable TLS version
 2018-11-21 15:02:28 +01:00
Jim Hague e7593541ef Ensure that compat/getentropy* don't get used, and so drag in OpenSSL. 2018-11-20 17:37:46 +00:00
Willem Toorop 6a5e96d4e1 tls_ciphersuites + bugfix in strdup2!! 2018-11-20 16:13:57 +01:00
Willem Toorop e5a53fb1d2 Bumb version 2018-11-20 13:57:13 +01:00
Jim Hague 5d353d9efb To aid proof-of-concept work, insist on OpenSSL 1.1.1 or later. 
Remove ssl_dane as now surplus to requirements.
 2018-11-16 17:58:29 +00:00
Willem Toorop 9b4e8e9e91 X509_get_notAfter not in OpenSSL 1.1.1 anymore 2018-06-12 16:37:46 +02:00
Willem Toorop 0d283fc63f 1.4.2 release 2018-05-11 12:02:49 +02:00
Willem Toorop 48e0ea013c Include Stubby - v0.2.3 release 2018-05-11 11:56:00 +02:00
Willem Toorop caab2e8592 Bump versions and include release/0.2.3 Stubby release branch 2018-05-03 17:21:58 +02:00
Willem Toorop 6c075e2ad8 Bugfix #395 : Clarify that libidn2 dependency is for version 2.0.0 or higher 2018-05-02 14:01:00 +02:00
Willem Toorop 75f59b9dfc Bump version 2018-03-12 12:05:09 +01:00
Willem Toorop ef0a77e061 Forgot the dash before the rc1 again 2018-03-05 16:34:50 +01:00
Willem Toorop 06e1c741e8 PR #387: Compile with OpenSSL with deprecated APIs disabled. 
Thanks Rosen Penev
 2018-03-05 15:40:16 +01:00
Willem Toorop 8a2fc5f5a9 max_udp_backoff should not be public 
At least, not with this point release
 2018-03-05 12:42:27 +01:00
Willem Toorop c057ca52e4 Merge remote-tracking branch 'dkg/spelling' into release/1.4.1 2018-03-05 11:30:33 +01:00
Willem Toorop 984aeefab2 Setup branch for the 1.4.1 release 2018-03-05 11:26:20 +01:00
Daniel Kahn Gillmor 9301f8970c Fix minor spelling and formatting. 
These issues were found with the codespell tool.
 2018-02-23 14:12:11 -08:00
Willem Toorop a037398156 Bump version 2018-02-21 16:45:26 +01:00
Willem Toorop 9999907593 update Stubby + other dist tarball fixes 2018-02-13 15:05:29 +01:00
Willem Toorop 5a420a2aed Bump versions 2018-02-12 17:14:45 +01:00
Willem Toorop 223e85bc02 Merge branch 'features/tls_curves_list' into release/1.4.0 2018-02-12 16:04:49 +01:00
Willem Toorop 401aa2e3b8 Specify the supported curves with TLS 2018-02-12 15:40:17 +01:00
Willem Toorop c3e4061fe2 hostname auth with libressl 2018-02-09 15:18:44 +01:00
Willem Toorop 87fec7f9b4 Merge branch 'feature/monitor-tool' into release/1.4.0 2018-02-07 17:11:28 +01:00
Willem Toorop 0eba73a945 LibreSSL like OpenSSL < 1.0.2 2018-02-07 16:42:11 +01:00
Jim Hague 305daab9aa Add first version of getdns_server_mon. 
Currently only QNAME minimisation check is working.
 2018-01-12 16:11:48 +00:00
Willem Toorop dd433ede68 Merge branch 'develop' into devel/spki_pinset_via_tlsa_checking 2018-01-10 14:36:43 +01:00
Willem Toorop 7c5bdd5431 Use danessl submodule when OpenSSL version between 1.0.0 and 1.1.0 2018-01-10 12:47:14 +01:00
Willem Toorop 546b75a9b1 libidn2 support. Thanks Paul Wouters 2018-01-08 12:54:48 +01:00
Willem Toorop 540735a956 Check pins with DANE functions when available 2018-01-04 15:58:09 +01:00
Willem Toorop 25a31e6b35 Bump version 2017-12-21 17:06:43 +01:00
Willem Toorop d35fae5038 Bump version (to 1.3.0-rc2), update ChangeLog 2017-12-20 09:43:45 +01:00
Willem Toorop cfeaefbe3f Merge branch 'features/resolvconf' into release/1.2.2 2017-12-13 14:44:06 +01:00
Willem Toorop 825e2fd15f Bump version 2017-12-13 14:42:18 +01:00
Willem Toorop 26877d4494 Include sys/stat.h (from config.h) + 
+ introduce GETDNS_RETURN_IO_ERROR return code
  (forgot to mention that in previous commit)
 2017-12-12 12:38:55 +01:00
Willem Toorop 96ed06c6a9 Initialize context with given resolv.conf and hosts files 
- getdns_context_create with set_from_os set will simply call these
  functions with the defaults

+ filechg_check is simplified somewhat (reducting memory management)
+ get OpenSSL version version via get_api_information()
 2017-12-12 12:24:31 +01:00