./net/dnscrypt-proxy2, DNS proxy with support for encrypted protocols

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.0.42, Package name: dnscrypt-proxy2-2.0.42, Maintainer: nia

A flexible DNS proxy, with support for modern encrypted DNS protocols
such as DNSCrypt v2 and DNS-over-HTTP/2.


Required to build:
[pkgtools/cwrappers] [lang/go113]

Master sites:

SHA1: 2d7d5cd09b05779ed55d676ff73064440513bbf8
RMD160: 05a922127374a5f8daa6dd56d6af6cbaf36ee030
Filesize: 2269.963 KB

Version history: (Expand)


CVS history: (Expand)


   2020-03-30 12:09:34 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
dnscrypt-proxy2: Update to 2.0.42

* Version 2.0.42
 - The current versions of the `dnsdist` load balancer (presumably used
by quad9, cleanbrowsing, qualityology, freetsa.org, ffmuc.net,
opennic-bongobow, sth-dnscrypt-se, ams-dnscrypt-nl and more)
is preventing queries over 1500 bytes from being received over UDP.
Temporary workarounds have been introduced to improve reliability
with these resolvers for regular DNSCrypt. Unfortunately, anonymized
DNS cannot be reliable until the issue is fixed server-side. `dnsdist`
authors are aware of it and are working on a fix.
 - New option in the `[anonymized_dns]` section: `skip_incompatible`,
to ignore resolvers incompatible with Anonymized DNS instead of
using them without a relay.
 - The server latency benchmark is faster while being able to perform
more retries if necessary.
 - Continuous integration has been moved to GitHub Actions.
   2020-03-22 10:38:51 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
dnscrypt-proxy2: Update to 2.0.40

* Version 2.0.40
 - Servers blocking fragmented queries are now automatically detected.
 - The server name is now only present in query logs when an actual
upstream servers was required to resolve a query.
 - TLS client authentication has been added for DoH.
 - The Firefox plugin is now skipped for connections coming from the
local DoH server.
 - DoH RTT computation is now more accurate, especially when CDNs are
in the middle.
 - The forwarding plugin is now more reliable, and handles retries over
 TCP.
   2020-03-21 17:57:21 by Benny Siegert | Files touched by this commit (170) | Package updated
Log message:
Revbump all Go packages after go113 update.
   2020-02-02 15:19:15 by Benny Siegert | Files touched by this commit (169) | Package updated
Log message:
Revbump all Go packages after go113 update.
   2020-01-31 22:11:12 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
dnscrypt-proxy2: Update to 2.0.39

* Version 2.0.39
 - The Firefox Local DoH service didn't properly work in version 2.0.38;
this has been fixed. Thanks to Simon Brand for the report!

* Version 2.0.38
 - Entries from lists (forwarding, blacklists, whitelists) now support
inline comments.
 - Reliability improvement: queries over UDP are retried after a timeout
instead of solely relying on the client.
 - Reliability improvement: during temporary network outages, cached records
are now served even if they are stale.
 - Bug fix: SOCKS proxies and DNS relays can be combined.
 - New feature: multiple fallback resolvers are now supported (see the
new `fallback_resolvers` option. Note that `fallback_resolver` is
still supported for backward compatibility).
 - Windows: the service can be installed with a configuration file
stored separately from the application.
 - Security (affecting DoH): precompiled binaries of dnscrypt-proxy 2.0.37 are
built using Go 1.13.7 that fixes a TLS certificate parsing issue present in
previous versions of the compiler.
   2020-01-10 14:32:32 by Benny Siegert | Files touched by this commit (169)
Log message:
Revbump Go packages after Go default version bump.
   2019-12-31 15:41:38 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
dnscrypt-proxy2: Update to 2.0.36

* Version 2.0.36
 - New option: `block_undelegated`. When enabled, `dnscrypt-proxy` will
directly respond to queries for locally-served zones (https://sk.tl/2QqB971U)
and nonexistent zones that should have been kept local, but are frequently
leaked. This reduces latency and improves privacy.
 - Conformance: the `DO` bit is now set in synthetic responses if it was
set in a question, and the `AD` bit is cleared.
 - The `miegkg/dns` module was updated to version 1.1.26, that fixes a
security issue affecting non-encrypted/non-authenticated DNS traffic. In
`dnscrypt-proxy`, this only affects the forwarding feature.
   2019-12-13 08:44:06 by Benny Siegert | Files touched by this commit (168) | Package updated
Log message:
Revbump all Go packages after Go 1.12.14 update.