Archives/encrypted-dns-server
2
0
Fork 0
mirror of https://github.com/jedisct1/encrypted-dns-server synced 2024-11-15 00:13:02 +00:00
Code Issues Releases Wiki Activity
451 Commits 13 Branches 38 Tags 5.4 MiB
66167649a3
Commit Graph

183 Commits

Author SHA1 Message Date
Frank Denis
cf41840573 We can use Default::default() instead of tokio's Handle 
What kind of magic is that?
 2019-10-07 19:21:18 +02:00
Frank Denis
5afc1f1a6a Ignore casing for caching 2019-10-06 21:04:40 +02:00
Frank Denis
fbf8a72d4f Remove CIR 2019-10-02 18:06:02 +02:00
Frank Denis
4c07e91b3f Limit the number of concurrent connections to the metrics 2019-10-02 13:59:02 +02:00
Frank Denis
8cbd5bb6b6 futres::prelude::* may not always be needed 2019-10-02 13:45:52 +02:00
Frank Denis
22d84a748c Add process feature to prometheus, and a timeout for clients 2019-10-02 13:21:32 +02:00
Frank Denis
a67572f6f2 Add cache hit ratio 2019-10-02 12:16:43 +02:00
Frank Denis
1a53a1906b Silent warning 2019-10-02 12:07:33 +02:00
Frank Denis
86ab29c06a More Prometheus metrics 2019-10-02 12:03:27 +02:00
Frank Denis
cd98c5627c More Prometheus metrics 2019-10-02 11:58:57 +02:00
Frank Denis
71699d8476 Some initial metrics 2019-10-02 11:41:59 +02:00
Frank Denis
27e6097dc9 Prometheus metrics 2019-10-01 20:58:51 +02:00
Frank Denis
f77a5aed47 Add metrics 2019-10-01 18:07:55 +02:00
Frank Denis
e5a42ebfa1 Do not forget to define rcode_refused 2019-10-01 17:00:56 +02:00
Frank Denis
4bc939977e Serve stale on REFUSED, too 2019-10-01 16:58:43 +02:00
Frank Denis
7ab967e163 Refactor the resolver part a little bit 2019-10-01 08:58:50 +02:00
Frank Denis
6fa13f825d Revert direct usage of FutureExt 2019-09-27 00:11:02 +02:00
Frank Denis
7ebcc7287e Tokio update, that makes things more complicated 2019-09-26 19:56:40 +02:00
Frank Denis
18fe23471d Nits 2019-09-26 15:12:18 +02:00
Frank Denis
e4df83410f Keep DNS_FLAGS_CD and DNS_FLAGS_RD 2019-09-26 11:06:12 +02:00
Frank Denis
1e33f82887 Clear answer count on synthetic responses 2019-09-26 02:03:52 +02:00
Frank Denis
6f99d404d6 Typo 2019-09-26 01:45:02 +02:00
Frank Denis
518f0ce17d Implement support for server-side blacklists 2019-09-25 15:51:13 +02:00
Frank Denis
cc53be8cf8 Better error messages 2019-09-24 22:37:25 +02:00
Frank Denis
3d07f98f90 Block on the updater 2019-09-24 19:57:54 +02:00
Frank Denis
f343802fd0 Revert "Nits" 
This reverts commit 0f63c5e594.
 2019-09-24 19:55:51 +02:00
Frank Denis
0f63c5e594 Nits 2019-09-24 19:42:21 +02:00
Frank Denis
653c4e1de7 Better error handling 2019-09-24 19:29:38 +02:00
Frank Denis
41f4d77212 Update env_logger 2019-09-24 16:34:01 +02:00
Frank Denis
0b76ef2cce Change the format of how IP addresses are specified 2019-09-22 13:44:45 +02:00
Frank Denis
c0c66e6254 We don't define any custom error types 2019-09-22 02:30:05 +02:00
Frank Denis
16b5db8c01 u8 vs i8 2019-09-22 01:26:00 +02:00
Frank Denis
a5a84b5bdd Log to file 2019-09-21 16:29:13 +02:00
Frank Denis
c60a1734eb Improved daemonization 2019-09-21 16:19:39 +02:00
Frank Denis
749ee9f7bf Serve stale if cached and a shorter timeout occurs 2019-09-21 13:56:43 +02:00
Frank Denis
a9fe22fa7e Move the resolver to its own file 2019-09-21 12:37:20 +02:00
Frank Denis
ba96f014ef Make DNS cache TTLs configurable 2019-09-21 12:18:27 +02:00
Frank Denis
267a260801 Only force a state update if necessary 2019-09-21 12:03:50 +02:00
Frank Denis
56a8e2eb6a Add TTL and serve-stale support to the DNS cache 
Force certificate refresh on load
 2019-09-21 11:53:40 +02:00
Frank Denis
2135af9610 up 2019-09-21 00:58:16 +02:00
Frank Denis
c98a202f80 Add a simple built-in DNS cache 
(TTL is not handled yet)
 2019-09-21 00:53:20 +02:00
Frank Denis
cf1cbdb51d Split the resolution part 2019-09-20 21:03:15 +02:00
Frank Denis
2366456eb0 up 2019-09-20 12:15:45 +02:00
Frank Denis
1dd5ed07c1 Import from dnscrypt-wrapper 2019-09-20 11:25:24 +02:00
Frank Denis
e681e43070 ADd a key cache and improve logging 2019-09-20 10:39:42 +02:00
Frank Denis
f0c6235d33 Save states asynchronously 2019-09-20 02:31:31 +02:00
Frank Denis
360172601f Nits 2019-09-20 01:44:03 +02:00
Frank Denis
bc4b10f637 Save resolver keys and certificates in the state 2019-09-19 21:08:49 +02:00
Frank Denis
0592855b25 kaboom the compiler 2019-09-19 20:47:44 +02:00
Frank Denis
77a5878a52 Remove unused things 2019-09-19 16:40:08 +02:00
Frank Denis
97de11bb71 Only serve the freshest certificate 2019-09-19 16:28:14 +02:00
Frank Denis
8268f4d241 Better auto renewal 2019-09-19 16:23:04 +02:00
Frank Denis
6c10602af6 Automatic cert renewal 2019-09-19 15:51:27 +02:00
Frank Denis
93774a892f Set Unix permissions on the state file 2019-09-19 13:08:07 +02:00
Frank Denis
00cab788b8 Drop privileges 2019-09-19 12:57:24 +02:00
Frank Denis
e31363e926 Move everything to a configuration file 2019-09-19 12:30:31 +02:00
Frank Denis
2c519a2b46 Move to TOML (1) 2019-09-19 12:09:00 +02:00
Frank Denis
d8d8757c74 TLS proxy return code 2019-09-18 23:55:16 +02:00
Frank Denis
a62b4a0cf7 Add TLS proxying 2019-09-18 23:49:54 +02:00
Frank Denis
ec91355e74 Padding length tweak 2019-09-18 15:23:50 +02:00
Frank Denis
a0454b8aff Detect TLS connections 2019-09-18 14:52:36 +02:00
Frank Denis
89704db220 Be less restrictive regarding packet sizes 2019-09-18 13:50:32 +02:00
Frank Denis
7c76ee9a13 Clean a few things 2019-09-18 13:40:05 +02:00
Frank Denis
a135814891 Persist the provider key 
Of course we also need to persist the resolver keys
 2019-09-18 12:34:19 +02:00
Frank Denis
67a935f291 Padding 2019-09-18 11:53:13 +02:00
Frank Denis
0505f886e5 Handle truncated responses when len(query)<len(response) 2019-09-18 09:53:23 +02:00
Frank Denis
159cf743c2 Pre-reserve enough room for responses 2019-09-18 01:57:15 +02:00
Frank Denis
59ba64d946 Avoid useless allocation 2019-09-18 01:53:17 +02:00
Frank Denis
eb1b857274 Send encrypted DNS responses 2019-09-18 01:44:47 +02:00
Frank Denis
65c2bba989 Keep the shared secret around 2019-09-18 01:23:03 +02:00
Frank Denis
337eb4924d Refactor a bit, remove question padding 2019-09-18 01:06:44 +02:00
Frank Denis
5f0bb6daf5 Start decrypting DNSCrypt queries 2019-09-17 22:33:15 +02:00
Frank Denis
58c5452084 Set TCP source address for outgoing connections 2019-09-17 20:02:09 +02:00
Frank Denis
e1bd1f52dc Recycle old connections 2019-09-09 14:01:10 +02:00
Frank Denis
236b424fbe Keep track of the number of clients 2019-09-09 01:16:29 +02:00
Frank Denis
82924686d9 Check the peer address 
Just for paranoia, as it is redundant with the connect() call, but
cheap enough and the connect() call may eventually be removed.
 2019-09-09 00:36:17 +02:00
Frank Denis
0c1ba485f4 merge 2019-09-09 00:32:28 +02:00
Frank Denis
0b3eabb488 Retry truncated responses over TCP 2019-09-09 00:30:48 +02:00
Frank Denis
35819a2375 Proxying 2019-09-08 22:21:01 +02:00
Frank Denis
f7b2a1777a up 2019-09-08 20:08:20 +02:00
Frank Denis
46c933e398 Print the DNS stamp at startup 2019-09-03 01:33:46 +02:00
Frank Denis
8689469722 up 2019-09-03 01:10:35 +02:00
Frank Denis
1dc7ce9a05 up 2019-09-02 23:02:23 +02:00