Frank Denis
e405c04236
Prometheus update
4 years ago
Frank Denis
ed72e0e064
Don't bail out if only metrics are enabled
4 years ago
Frank Denis
0526aba47b
Bail out if metrics and daemonization are enabled simultaneously
4 years ago
Frank Denis
24284541b0
Don't hardcode the TCP backlog
4 years ago
Frank Denis
641ba88ab1
Serialization now requires the Copy trait
4 years ago
Frank Denis
8a4a413f65
Use impl AsRef<...>
4 years ago
Frank Denis
6a19db5edf
Merge branch 'master' of github.com:jedisct1/rust-dnscrypt-server
...
* 'master' of github.com:jedisct1/rust-dnscrypt-server: (30 commits)
Update Prometheus and friends
Remove nightly feature from clap
client_ttl_jitter -> client_ttl_holdon
Use specific lengths for big arrays
Update serde-big-array requirement from 0.2.0 to 0.3.0
Update deps
Add decreasing TTLs with jitter when a TTL becomes low
Update precompiled binaries
Bump
Add my_ip feature
dafuq
Update deps
Require tokio 0.2.17
Update tokio dep due to a regression in the previous version
Update precompiled binaries
Bump
Update deps to force a tokio update
Revert "Disable parking_lot for tokio"
Bump
Disable parking_lot for tokio
...
4 years ago
Frank Denis
eaba8d3db5
Replace net2 with socket2
...
The Rust ecosystem being the Rust ecosystem, essential crates always get
abandoned after a couple months, and apps need to be rewritten for the
replacement du jour.
4 years ago
Frank Denis
561ebd07f4
client_ttl_jitter -> client_ttl_holdon
4 years ago
Frank Denis
04fdf73046
Use specific lengths for big arrays
4 years ago
Frank Denis
dd1b550ef9
Add decreasing TTLs with jitter when a TTL becomes low
...
Fixes #33
4 years ago
Frank Denis
75166216b9
Add my_ip feature
5 years ago
Frank Denis
2a96c5f985
dafuq
5 years ago
Frank Denis
792f82fa35
Print something when access control is enabled
5 years ago
Frank Denis
b9361a8711
Fail open if the tokens list is empty
5 years ago
Frank Denis
5ebd393981
Clippify
5 years ago
Frank Denis
d5b06a6653
Implement access control
5 years ago
Frank Denis
ccfd7b4184
Use the full timeout if we don't have a cached response
5 years ago
Frank Denis
9b464fe135
Clarify
5 years ago
Frank Denis
58b8d6f5f0
Continue on TCP accept errors
5 years ago
Frank Denis
da00ac2194
Add some extra checks
5 years ago
Frank Denis
1c63906795
Refuse long labels
5 years ago
Frank Denis
af22d59ce8
Add an option to disable DNSCrypt, and do only TLS and relaying
5 years ago
Frank Denis
e9e5c700f0
Add ignore_unqualified_hostnames
5 years ago
Frank Denis
f3fe2fa123
up
5 years ago
Frank Denis
3864de1951
Add the ability to return synthetic response for undelegated TLDs
5 years ago
Frank Denis
3d3a96a6f9
More statistics; keep track of NXDOMAIN responses
5 years ago
Frank Denis
3cc28670cb
Prometheus: use int counters and gauges
5 years ago
Frank Denis
bf5f0b3568
Update to tokio 0.2
5 years ago
Frank Denis
5e0f4a6223
Blacklist: use FxHashMap
5 years ago
Frank Denis
df26dddb86
Revert "Allow serve_stale to be disabled"
...
This reverts commit 3b2301dcbf
.
5 years ago
Frank Denis
3b2301dcbf
Allow serve_stale to be disabled
5 years ago
Frank Denis
a6fb79a2b2
Make the project compatible with rust-stable
5 years ago
Frank Denis
48d0588337
Use SystemTime for the certificate's time
...
Also don't use mem::forget() for the updater, because who knows, Rust
optimizations may be too aggressive.
Maybe
Fixes #13
5 years ago
Frank Denis
4d584d95e6
Move from failure to anyhow
5 years ago
Frank Denis
d0c37819e2
Relax size check for certificates
5 years ago
Frank Denis
05d62da515
Explicit lifetime
5 years ago
Frank Denis
dbbdf984e9
uninline
5 years ago
Frank Denis
f4863ee017
Reintroduce the check for the standard provider name prefix
...
Only cleanbrowsing and dnsforfamily use a non-standard name.
5 years ago
Frank Denis
0c134b5393
Cache relayed certificates
...
To make it slightly more difficult for servers to fingerprint users by
rotating certificates too frequently.
5 years ago
Frank Denis
dd657faaab
Relax cert response check for legacy proxies
5 years ago
Frank Denis
bb39f146ae
Don't relay anything that would be bigger than the original question
5 years ago
Frank Denis
5848713ffd
Forward certificates
5 years ago
Frank Denis
5b77be1ac0
Pick IPv4 or IPv6 wildcard source addresses according to the destination
...
Fixes #10
5 years ago
Frank Denis
2706b2994d
Add a reasonable default set of ports + a new option
5 years ago
Frank Denis
e43ad4949b
to_tcp_listener() is essentially useless
5 years ago
Frank Denis
6483d3d4d7
Set IPV6_ONLY on IPv6 sockets
...
Fixes #9
5 years ago
Frank Denis
3fc7387d9f
Don't be too restrictive, we still need to serve certificates
5 years ago
Frank Denis
5cea42a397
Bump
5 years ago
Frank Denis
82e73374ab
Anonymized DNS is here
5 years ago