interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,173 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

1604 Commits

Author SHA1 Message Date
Willem Toorop f8c7d8b5d5 Network request submission and callback reporting 2017-04-05 22:43:27 +02:00
Willem Toorop 2220c1a48d Options for request debugging 2017-04-05 17:53:39 +02:00
wtoorop fe49bc1c69 Merge pull request #279 from dkg/feature/padding-policy 
Implement sensible default padding policy.
 2017-03-27 08:19:31 -05:00
Daniel Kahn Gillmor f2a90925bc getdns-query: S is no longer a valid transport label. 2017-03-26 14:38:43 -05:00
Daniel Kahn Gillmor 9de4d6537b Implement sensible default padding policy. 
This commit changes the semantics of tls_query_padding_blocksize()
slightly.  Where previously both 0 and 1 meant "no padding", this
commit changes 1 to mean "pad using a sensible policy".

At NDSS 2017's DNS privacy workshop, I presented an empirical study of
DNS padding policies:

https://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017/dns-privacy-workshop-2017-programme#session3

The slide deck is here:
https://dns.cmrg.net/ndss2017-dprive-empirical-DNS-traffic-size.pdf

The resulting recommendation from the research is that a simple
padding policy is relatively cheap and still protective of metadata
when DNS traffic is encrypted:

 * queries should be padded to a multiple of 128 octets
 * responses should be padded to a multiple of 468 octets

Since getdns is only currently doing queries over tls, we only have to
implement the first part of this policy :)
 2017-03-26 14:37:28 -05:00
wtoorop 148dfabf88 Merge pull request #276 from huitema/develop 
Fixing the select and poll event loops for Windows
 2017-03-26 10:20:48 -05:00
Willem Toorop 03efb66991 Keep connections open with sync requests too 2017-03-26 10:16:25 -05:00
huitema 6f0b08a400 Fixing the select event loop so it does not give up for naked timers in Windows. 
Making sure the poll event loop works on windows.
Fixing the poll event loop so it does not give up for naked timers in Windows.
 2017-03-26 10:07:44 -05:00
Willem Toorop 007208a122 Merge branch 'develop' of github.com:getdnsapi/getdns into develop 2017-03-25 20:22:54 -05:00
Willem Toorop 9fa6ab5994 Clang pragma's with clang only 2017-03-25 20:22:34 -05:00
Willem Toorop b7d16e3c89 One more leak 2017-03-25 17:00:02 -05:00
Willem Toorop 6316c558bc typo 2017-03-25 21:45:08 +01:00
Willem Toorop 3eb6ebf5e4 Fix memory leak 2017-03-25 21:33:30 +01:00
Willem Toorop 5f6e47d091 Only equip with peer cert when transport is TLS 2017-03-25 21:26:05 +01:00
Willem Toorop a2efd8f6c1 Report peer certificate in call_reporting 2017-03-25 19:36:20 +01:00
Willem Toorop 15b451d71b Recommit parts of "Minor fixes in MDNS code to make sure it does work after the recent loop tightening." 2017-03-23 13:09:34 +01:00
Willem Toorop 2a496969cd Fixes for mdns 2017-03-23 12:53:44 +01:00
Willem Toorop c275b205d3 Create doxygen tagfile 2017-03-23 10:58:18 +01:00
Willem Toorop f67314c1c1 Unbound event API without header compile fix 2017-03-22 14:36:16 +01:00
Willem Toorop 426fc238da Fixes for FreeBSD warnings when compiling tests 
/usr/local/include/check.h:454:75: warning: token pasting of ',' and __VA_ARGS__ is a GNU extension [-Wgnu-zero-variadic-macro-arguments]
     _ck_assert_failed(__FILE__, __LINE__, "Assertion '"#expr"' failed" , ## __VA_ARGS__, NULL)
/usr/local/include/check.h:454:75: warning: token pasting of ',' and __VA_ARGS__ is a GNU extension [-Wgnu-zero-variadic-macro-arguments]
 2017-03-22 14:10:15 +01:00
Willem Toorop b2ac3849b7 Fxies for two NetBSD compiler warnings 
ubkey-pinning.c -o pubkey-pinning.lo
./pubkey-pinning.c: In function '_getdns_verify_pinset_match':
./pubkey-pinning.c:385: warning: 'prev' may be used uninitialized in this function
IX_C_SOURCE=200112L -D_XOPEN_SOURCE=600 -c ./context.c -o context.lo
./context.c: In function '_getdns_upstream_shutdown':
./context.c:760: warning: comparison between signed and unsigned
 2017-03-22 13:50:11 +01:00
Willem Toorop b48a92c8f5 Max OS-X and FreeBSD multicast portability 2017-03-22 12:33:13 +01:00
Willem Toorop a7c824c756 Update changelog and documentation 2017-03-22 11:52:07 +01:00
Willem Toorop 5d12545391 Bugfix in handling UDP backing off 2017-03-22 10:52:55 +01:00
Willem Toorop fa99b206e8 Updated readme & new groups for doxygen 2017-03-21 12:28:48 +01:00
Willem Toorop fe446a0d66 Minor fixes 2017-03-20 23:17:44 +01:00
wtoorop 52e3d2e1b0 Merge pull request #265 from saradickinson/feature/new_settings 
Feature/new settings
 2017-03-20 22:25:52 +01:00
Willem Toorop a5876d57fe Dependencies 2017-03-20 21:58:45 +01:00
Willem Toorop a77a335370 Comment out dead assignement 
To silence static code analysis
 2017-03-20 21:57:57 +01:00
Willem Toorop 24abf43de1 Fit mdns code with pending dns netreqs on EMFILE 2017-03-20 21:33:19 +01:00
Willem Toorop ed0d4d044c Merge remote-tracking branch 'upstream/develop' into features/mdns-client 2017-03-20 16:42:24 +01:00
Willem Toorop a3fe958387 Sync with unbound 2017-03-20 16:41:57 +01:00
Willem Toorop 0048066a2a Test op coding practices 2017-03-20 16:15:02 +01:00
Willem Toorop 0891e16147 Pend netreqs when out of filedescriptors 2017-03-20 15:20:17 +01:00
Willem Toorop 8b09633c94 Bug and mem-leak fix 2017-03-20 11:03:15 +01:00
Christian Huitema ed66edf52a Making sure that the project compiles on Windows when HAVE_MDNS_SUPPORT is present. 
Moving the 2 additional LRU functions from mdns.c to lruhash.c
Defining the 2 additional functions in lruhash.h
 2017-03-17 12:19:54 -07:00
Sara Dickinson 1cf39c9134 Typo 2017-03-17 18:33:33 +00:00
Sara Dickinson d8f4aebdee Merge branch 'feature/parallel_upstreams' into feature/new_settings 2017-03-17 17:48:52 +00:00
Sara Dickinson 915689141b Fix symbol order 2017-03-17 17:47:30 +00:00
Sara Dickinson 68eadedc10 Fix rogue bracket 2017-03-17 17:35:47 +00:00
Sara Dickinson 6f7bad5d73 Add new configuration parameters for TLS back off time and connection retries 2017-03-17 17:26:18 +00:00
Sara Dickinson dd76132a92 Implement round robin for UDP. Not sure this is the best option though. Noticed it results in more timeouts if one resolver isn't responding because it is retried more frequently. Willem - please review. 2017-03-17 17:16:14 +00:00
Sara Dickinson 1d4e3dd790 Update the name of the new option to 'round_robin_upstreams' 2017-03-17 16:53:03 +00:00
Sara Dickinson 6734a00d59 Improve the logging 2017-03-17 11:25:47 +00:00
Sara Dickinson 2a1a6768cb Add unit test and catch a typo 2017-03-16 16:26:34 +00:00
Sara Dickinson f0f3c43552 - Add a new mode where for TLS (and infact TCP too) the upstream selection simply cycles over all the upstreams rather than treating them as an ordered list and always using the first open one. 
- Make IP field in debug output fixed width
- Collect all the one line config options at the top of the stubby.conf file to make it easier to read
 2017-03-16 14:51:46 +00:00
Willem Toorop 5ea181172a Reschedule pending netreqs 2017-03-15 15:16:42 +01:00
Willem Toorop 14c9f3aafc Track netreqs "in flight" 2017-03-14 17:17:56 +01:00
Willem Toorop b8f43c8acd Mention the number of simultaneous queries in error (and success) 2017-03-14 15:20:56 +01:00
Willem Toorop 0655a08fa7 Unit test for set_limit_outstanding_queries 2017-03-14 15:03:43 +01:00