Frank Denis
24284541b0
Don't hardcode the TCP backlog
4 years ago
Frank Denis
641ba88ab1
Serialization now requires the Copy trait
4 years ago
Frank Denis
8a4a413f65
Use impl AsRef<...>
4 years ago
Frank Denis
6a19db5edf
Merge branch 'master' of github.com:jedisct1/rust-dnscrypt-server
...
* 'master' of github.com:jedisct1/rust-dnscrypt-server: (30 commits)
Update Prometheus and friends
Remove nightly feature from clap
client_ttl_jitter -> client_ttl_holdon
Use specific lengths for big arrays
Update serde-big-array requirement from 0.2.0 to 0.3.0
Update deps
Add decreasing TTLs with jitter when a TTL becomes low
Update precompiled binaries
Bump
Add my_ip feature
dafuq
Update deps
Require tokio 0.2.17
Update tokio dep due to a regression in the previous version
Update precompiled binaries
Bump
Update deps to force a tokio update
Revert "Disable parking_lot for tokio"
Bump
Disable parking_lot for tokio
...
4 years ago
Frank Denis
eaba8d3db5
Replace net2 with socket2
...
The Rust ecosystem being the Rust ecosystem, essential crates always get
abandoned after a couple months, and apps need to be rewritten for the
replacement du jour.
4 years ago
Frank Denis
561ebd07f4
client_ttl_jitter -> client_ttl_holdon
4 years ago
Frank Denis
04fdf73046
Use specific lengths for big arrays
4 years ago
Frank Denis
dd1b550ef9
Add decreasing TTLs with jitter when a TTL becomes low
...
Fixes #33
4 years ago
Frank Denis
75166216b9
Add my_ip feature
4 years ago
Frank Denis
2a96c5f985
dafuq
4 years ago
Frank Denis
792f82fa35
Print something when access control is enabled
4 years ago
Frank Denis
b9361a8711
Fail open if the tokens list is empty
4 years ago
Frank Denis
5ebd393981
Clippify
4 years ago
Frank Denis
d5b06a6653
Implement access control
4 years ago
Frank Denis
ccfd7b4184
Use the full timeout if we don't have a cached response
4 years ago
Frank Denis
9b464fe135
Clarify
4 years ago
Frank Denis
58b8d6f5f0
Continue on TCP accept errors
4 years ago
Frank Denis
da00ac2194
Add some extra checks
4 years ago
Frank Denis
1c63906795
Refuse long labels
4 years ago
Frank Denis
af22d59ce8
Add an option to disable DNSCrypt, and do only TLS and relaying
4 years ago
Frank Denis
e9e5c700f0
Add ignore_unqualified_hostnames
5 years ago
Frank Denis
f3fe2fa123
up
5 years ago
Frank Denis
3864de1951
Add the ability to return synthetic response for undelegated TLDs
5 years ago
Frank Denis
3d3a96a6f9
More statistics; keep track of NXDOMAIN responses
5 years ago
Frank Denis
3cc28670cb
Prometheus: use int counters and gauges
5 years ago
Frank Denis
bf5f0b3568
Update to tokio 0.2
5 years ago
Frank Denis
5e0f4a6223
Blacklist: use FxHashMap
5 years ago
Frank Denis
df26dddb86
Revert "Allow serve_stale to be disabled"
...
This reverts commit 3b2301dcbf
.
5 years ago
Frank Denis
3b2301dcbf
Allow serve_stale to be disabled
5 years ago
Frank Denis
a6fb79a2b2
Make the project compatible with rust-stable
5 years ago
Frank Denis
48d0588337
Use SystemTime for the certificate's time
...
Also don't use mem::forget() for the updater, because who knows, Rust
optimizations may be too aggressive.
Maybe
Fixes #13
5 years ago
Frank Denis
4d584d95e6
Move from failure to anyhow
5 years ago
Frank Denis
d0c37819e2
Relax size check for certificates
5 years ago
Frank Denis
05d62da515
Explicit lifetime
5 years ago
Frank Denis
dbbdf984e9
uninline
5 years ago
Frank Denis
f4863ee017
Reintroduce the check for the standard provider name prefix
...
Only cleanbrowsing and dnsforfamily use a non-standard name.
5 years ago
Frank Denis
0c134b5393
Cache relayed certificates
...
To make it slightly more difficult for servers to fingerprint users by
rotating certificates too frequently.
5 years ago
Frank Denis
dd657faaab
Relax cert response check for legacy proxies
5 years ago
Frank Denis
bb39f146ae
Don't relay anything that would be bigger than the original question
5 years ago
Frank Denis
5848713ffd
Forward certificates
5 years ago
Frank Denis
5b77be1ac0
Pick IPv4 or IPv6 wildcard source addresses according to the destination
...
Fixes #10
5 years ago
Frank Denis
2706b2994d
Add a reasonable default set of ports + a new option
5 years ago
Frank Denis
e43ad4949b
to_tcp_listener() is essentially useless
5 years ago
Frank Denis
6483d3d4d7
Set IPV6_ONLY on IPv6 sockets
...
Fixes #9
5 years ago
Frank Denis
3fc7387d9f
Don't be too restrictive, we still need to serve certificates
5 years ago
Frank Denis
5cea42a397
Bump
5 years ago
Frank Denis
82e73374ab
Anonymized DNS is here
5 years ago
Frank Denis
72dfb0628c
Prepare a new configuration section for Anonymized DNS
5 years ago
Frank Denis
5437f80bfc
Merge branch 'master' of github.com:jedisct1/rust-dnscrypt-server
...
* 'master' of github.com:jedisct1/rust-dnscrypt-server:
Return a HINFO record when a query is blocked
5 years ago
Frank Denis
9db26ba20b
Preliminary support for Anonymized DNS
5 years ago
Frank Denis
c0faa11ac1
Return a HINFO record when a query is blocked
...
This is extremely useful to understand why a query doesn't return
e.g. IP addresses that resolve from other servers
5 years ago
Frank Denis
ca35d6fdc8
Ensure that PK prefixes don't match the Anonymized DNSCrypt query magic
5 years ago
Frank Denis
cf41840573
We can use Default::default() instead of tokio's Handle
...
What kind of magic is that?
5 years ago
Frank Denis
5afc1f1a6a
Ignore casing for caching
5 years ago
Frank Denis
fbf8a72d4f
Remove CIR
5 years ago
Frank Denis
4c07e91b3f
Limit the number of concurrent connections to the metrics
5 years ago
Frank Denis
8cbd5bb6b6
futres::prelude::* may not always be needed
5 years ago
Frank Denis
22d84a748c
Add process feature to prometheus, and a timeout for clients
5 years ago
Frank Denis
a67572f6f2
Add cache hit ratio
5 years ago
Frank Denis
1a53a1906b
Silent warning
5 years ago
Frank Denis
86ab29c06a
More Prometheus metrics
5 years ago
Frank Denis
cd98c5627c
More Prometheus metrics
5 years ago
Frank Denis
71699d8476
Some initial metrics
5 years ago
Frank Denis
27e6097dc9
Prometheus metrics
5 years ago
Frank Denis
f77a5aed47
Add metrics
5 years ago
Frank Denis
e5a42ebfa1
Do not forget to define rcode_refused
5 years ago
Frank Denis
4bc939977e
Serve stale on REFUSED, too
5 years ago
Frank Denis
7ab967e163
Refactor the resolver part a little bit
5 years ago
Frank Denis
6fa13f825d
Revert direct usage of FutureExt
5 years ago
Frank Denis
7ebcc7287e
Tokio update, that makes things more complicated
5 years ago
Frank Denis
18fe23471d
Nits
5 years ago
Frank Denis
e4df83410f
Keep DNS_FLAGS_CD and DNS_FLAGS_RD
5 years ago
Frank Denis
1e33f82887
Clear answer count on synthetic responses
5 years ago
Frank Denis
6f99d404d6
Typo
5 years ago
Frank Denis
518f0ce17d
Implement support for server-side blacklists
5 years ago
Frank Denis
cc53be8cf8
Better error messages
5 years ago
Frank Denis
3d07f98f90
Block on the updater
5 years ago
Frank Denis
f343802fd0
Revert "Nits"
...
This reverts commit 0f63c5e594
.
5 years ago
Frank Denis
0f63c5e594
Nits
5 years ago
Frank Denis
653c4e1de7
Better error handling
5 years ago
Frank Denis
41f4d77212
Update env_logger
5 years ago
Frank Denis
0b76ef2cce
Change the format of how IP addresses are specified
5 years ago
Frank Denis
c0c66e6254
We don't define any custom error types
5 years ago
Frank Denis
16b5db8c01
u8 vs i8
5 years ago
Frank Denis
a5a84b5bdd
Log to file
5 years ago
Frank Denis
c60a1734eb
Improved daemonization
5 years ago
Frank Denis
749ee9f7bf
Serve stale if cached and a shorter timeout occurs
5 years ago
Frank Denis
a9fe22fa7e
Move the resolver to its own file
5 years ago
Frank Denis
ba96f014ef
Make DNS cache TTLs configurable
5 years ago
Frank Denis
267a260801
Only force a state update if necessary
5 years ago
Frank Denis
56a8e2eb6a
Add TTL and serve-stale support to the DNS cache
...
Force certificate refresh on load
5 years ago
Frank Denis
2135af9610
up
5 years ago
Frank Denis
c98a202f80
Add a simple built-in DNS cache
...
(TTL is not handled yet)
5 years ago
Frank Denis
cf1cbdb51d
Split the resolution part
5 years ago
Frank Denis
2366456eb0
up
5 years ago
Frank Denis
1dd5ed07c1
Import from dnscrypt-wrapper
5 years ago
Frank Denis
e681e43070
ADd a key cache and improve logging
5 years ago
Frank Denis
f0c6235d33
Save states asynchronously
5 years ago
Frank Denis
360172601f
Nits
5 years ago
Frank Denis
bc4b10f637
Save resolver keys and certificates in the state
5 years ago