Include DNS.SB's resolver in example configuration

Merge pull request #47 from rwv/master

slightly optimize the order of instructions in Dockerfile

optimize the order of instructions in Dockerfile

Merge pull request #46 from jangrewe/master

Add Dockerfiles

Build separate Docker image for doh-server and doh-client
Make doh-client also listen on both IPv4 and IPv6

Update the sample configuration to teach users how to listen on both IPv4 and IPv6

Update Dockerfile to make doh-server listen on IPv4 and IPv6

Add Dockerfile

Release 2.1.0

Disable static linking to Swift standard libraries

According to Apple: Swift compiler no longer supports statically linking the Swift libraries. They're included in the OS by default starting with macOS Mojave 10.14.4. For macOS Mojave 10.14.3 and earlier, there's an optional Swift library package that can be downloaded from "More Downloads" for Apple Developers at https://developer.apple.com/download/more/

Explain why ECS is disabled by some servers

Merge pull request #44 from modib/quad9-dns-config

Added Quad9 servers in config.

Updated Quad9 config with ECS, DNSSEC info.

Merge pull request #45 from wsquasher/master

Use TCP when appropriate for the given query type/response

Use TCP when appropriate for the given query type/response

Added Quad9 servers in config. Good for malware threat prevention.

Merge pull request #43 from modib/macos-build-error-fix

Make Makefile compatible with swift5 and older swift versions

Make Makefile compatible with swift5 and older swift versions

Add local_addr configuration for doh-server (#39)

* Add local_addr configuration for doh-server

This commit adds a `local_addr` string value to `doh-server.conf`, specifying the IP address and port from which outgoing calls to upstream DNS resolvers should originate. This value is set as the `udpClient`'s and `tcpClient`'s `Dialer.LocalAddr` when initializing a `NewServer`. If the value is left empty in `doh-server.conf`, it defaults to the first `listen` address (which in turn defaults to `"127.0.0.1:8053"`).

One use case for this would be if `doh-server` is proxying requests to a local DNS resolver (e.g. `unbound` or Pi-hole). Up to version 2.0.0, all DNS queries from `doh-server` are sent from `127.0.0.1` (even if the `listen` address is set to a different loopback IP address), making it hard to distinguish them from all other local DNS queries from the same machine in the query logs.

* Revert defaulting of local_addr to listen address

This commit reverts to the existing behavior when `conf.LocalAddr == ""`, i.e. letting `dns.Client` instantiate its own `Dialer` with the default local address.

* Fixup comment in configuration file

* Log errors from Dialer instantiation (e.g. if LocalAddr port is missing)

* Fixup other comment in configuration file

* Return error and log fatal

Release 2.0.1

Fix random selector (#41)

* Fix a bug: when only have one upstream, random selector will panic

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

Update Changelog

log real client ip behind a HTTPS gateway (#38)

* log real client ip behind a HTTPS gateway

* fix tab/space indent

* better compatible for apache/nginx log default format

* add config option

Add LVS weight round robin selector (#36)

* Add upstream selector, there are two selector now:
- random selector
- weight random selector

random selector will choose upstream at random; weight random selector will choose upstream at random with weight

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite config and config file example, prepare for weight round robbin selector

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Replace bad implement of weight random selector with weight round robbin selector, the algorithm is nginx weight round robbin like

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Use new config module

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Disable deprecated DualStack set

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix typo

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Optimize upstreamSelector judge

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix typo

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add config timeout unit tips

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Set wrr http client timeout to replace http request timeout

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add weight value range

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add a line ending for .gitignore

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Optimize config file style

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Modify Weight type to int32

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add upstreamError

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite Selector interface and wrr implement

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Use http module predefined constant to judge req.response.StatusCode

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Use Selector.ReportUpstreamError to report upstream error for evaluation loop in real time

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Make client selector field private

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Replace config file url to URL
Add miss space for 'weight= 50'

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite Selector.ReportUpstreamError to Selector.ReportUpstreamStatus, report upstream ok in real time

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix checkIETFResponse: if upstream OK, won't increase weight

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix typo

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite wrr evaluation, concurrent check upstream and reduce interval to 15s

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add lvs wrr selector config

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add DebugReporter interface, when client verbose is true and the selector implements it, will report all upstream weights every 15s

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rename WeightRoundRobinSelector to NginxWRRSelector

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add LVSSelector

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Remove useless log

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

Bump version to 2.0.0

Update build scripts

Replace Url with URL

Add backend weight round robin select (#34)

* Add upstream selector, there are two selector now:
- random selector
- weight random selector

random selector will choose upstream at random; weight random selector will choose upstream at random with weight

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite config and config file example, prepare for weight round robbin selector

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Replace bad implement of weight random selector with weight round robbin selector, the algorithm is nginx weight round robbin like

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Use new config module

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Disable deprecated DualStack set

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix typo

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Optimize upstreamSelector judge

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix typo

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add config timeout unit tips

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Set wrr http client timeout to replace http request timeout

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add weight value range

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add a line ending for .gitignore

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Optimize config file style

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Modify Weight type to int32

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Add upstreamError

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite Selector interface and wrr implement

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Use http module predefined constant to judge req.response.StatusCode

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Use Selector.ReportUpstreamError to report upstream error for evaluation loop in real time

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Make client selector field private

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Replace config file url to URL
Add miss space for 'weight= 50'

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Rewrite Selector.ReportUpstreamError to Selector.ReportUpstreamStatus, report upstream ok in real time

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix checkIETFResponse: if upstream OK, won't increase weight

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

* Fix typo

Signed-off-by: Sherlock Holo <sherlockya@gmail.com>

Bump to version 1.4.3

Release 1.4.2

Remove dns.ErrTruncated according to https://github.com/miekg/dns/pull/815

Merge pull request #30 from Sherlock-Holo/master

Refine runtime.GOOS check, use switch case to replace a long if

Refine runtime.GOOS check, use switch case to replace a long if

Use time.Since to replace time.Now().Sub

Add PID file support

Remove an item from Changelog since it was actually fixed in eariler version

Correct spelling

Bump version to 1.4.2

Release 1.4.1

Add detectportal.firefox.com to default passthrough list

Enable CORS by default, which is necessary for AJAX resolver to run

Detect context.DeadlineExceeded

Use context for more functions

Put cancel() earlier

Use RCODE_REFUSED for unsupported Qclass

Try to use context.WithTimeout to detect HTTP timeout. Hopefully it might work.

Slightly change the log format

Add passthrough feature, tests are welcome

Fix HTTP stream leaking problem

Merge pull request #28 from Chaz6/patch-1

doh-server: change to google.go

Update google.go

Make "cd" check case-insensitive.

doh-server: change to google.go

Allow the "cd" parameter to be case insensitive to work with some clients that send True/False instead of true/false such as gDNS.

Congratulations RFC 8484, remove the word "draft" from Readme

Congratulations RFC 8484, remove the word "draft" from Readme

Update Readme, fix issue #27

Update Readme

Add a ink to a guide

Fix panic with debug_http_headers

Merge pull request #22 from paulie-g/master

Fix segfault when no_cookies=true

Fix segfault when no_cookies=true

Build doh-logger with static libswiftCore, fix #20

Add configuration option: debug_http_headers

Bump version to 1.3.11

Release 1.3.10

Enable application/dns-message (draft-13) by default, since Google has finally supported it

Move linux-install.* to contrib/

Bump version to 1.3.10

Release 1.3.9

Change the ECS prefix length from /48 to /56 for IPv6, per RFC 7871

Update Readme to instruct Debian users to set $GOROOT

If $GOROOT is defined, Makefile should respect the value, fix #8

Add 5380 as an additional default doh-client port

Fix #16: doh-client panics when connecting no_cookies = true

Update example configuration

Update example configuration

Bump version to 1.3.9

Release 1.3.8

Workaround a bug causing Firefox 61-62 to reject responses with Content-Type = application/dns-message

Workaround a bug causing Firefox 61-62 to reject responses with Content-Type = application/dns-message

Workaround a bug causing Firefox 61-62 to reject responses with Content-Type = application/dns-message

Preserve TransactionID

Disable preventing capitalization scrambling

Turn on no_cookies by default according to the IETF draft

Construct a real DNS packet for DNSCrypt-Proxy

Remove offensive words :-)

Update Readme

Update Readme

Update documentation about TLS

This is to avoid confusions like issue #12

Bump version to 1.3.8

Release 1.3.7

Workaround a bug causing DNSCrypt-Proxy to expect a response with TransactionID = 0xcafe

Workaround a bug causing Unbound to refuse returning anything about the root

Fix typo

Install default configuration files to *.conf.example

Print upstream information if error happens

Add CloudFlare DNS resolver for Tor to the preset

Release 1.3.6

Add an option to disable IPv6, this option is available to client only

Revert "Conflict with systemd-resolved.service"

This reverts commit 88b3c95710536ba351132276783e6cd362629eb2.

Write a logger for macOS systems