Re: [dev] suckless dns over http client

2018-04-10 Thread harry666t
> Isn't that what [axfrdns](https://cr.yp.to/djbdns/axfrdns.html) from
> djbdns is made for?

It's the "S" in "HTTPS". The whole point of the exercise is to have end-to-end encryption and server authentication between you and the DNS server. Otherwise it's dumb, it just adds overhead. If you

Re: [dev] suckless dns over http client

2018-04-09 Thread Joshua Haase
Calvin Morrison (2018-04-02 15:31):
| In lieu of the recent 1.1.1.1 announcement, I was wondering if anyone
| has written a suckless, simple, dns over http relay? Maybe it would be
| a good thing to add to the wiki as potential ideas? The basic concept
| of the tool would be to run as a daemon,

Re: [dev] suckless dns over http client

2018-04-03 Thread harry666t
> What was the motivation behind this line?
> endpoint := c.Endpoints[rand.Int()%len(c.Endpoints)]

Round-robin load-balancing. As it is, non-uniform, if the amount of endpoints is not a power of 2, but hey, quick and dirty. Also privacy, to an extent. If one day more public DNS providers offer

Re: [dev] suckless dns over http client

2018-04-03 Thread Calvin Morrison
On 3 April 2018 at 16:22, harry666t wrote:
>> There is a small bug on line 34: if the statuscode isn't 200 then the
>> response body is never closed.
>
> Thanks Martin. Fixed.
>
>> Probably not a huge deal since this is a command line client, but in
>> long-running servers

Re: [dev] suckless dns over http client

2018-04-03 Thread harry666t
> There is a small bug on line 34: if the statuscode isn't 200 then the
> response body is never closed.

Thanks Martin. Fixed.

> Probably not a huge deal since this is a command line client, but in
> long-running servers this will cause file descriptor leaks.

It is a huge deal. If I can't get a

Re: [dev] suckless dns over http client

2018-04-03 Thread Calvin Morrison
>> In Calvin's sdohd, it's curl doing all of the TCP+TLS+HTTPS heavy
>> lifting. The UDP socket accepts actual DNS requests from the local
>> machine and mangles them into DoH.

I am now thinking we might be able to work this thing entirely as a script. socat provides a forking solution for

Re: [dev] suckless dns over http client

2018-04-03 Thread Laslo Hunhold
On Tue, 3 Apr 2018 22:12:02 +0200 harry666t wrote:

Hey Harry,

> In Calvin's sdohd, it's curl doing all of the TCP+TLS+HTTPS heavy
> lifting. The UDP socket accepts actual DNS requests from the local
> machine and mangles them into DoH.

that's very interesting. Thanks for

Re: [dev] suckless dns over http client

2018-04-03 Thread Martin Tournoij
On Tue, Apr 3, 2018, at 21:12, harry666t wrote:
> My take - if you don't mind Go...
> https://github.com/rollcat/gdoh
> No forking, no dependencies outside of stdlib, async
> queries/responses, allows using multiple providers, 78 loc.

There is a small bug on line 34: if the statuscode isn't 200

Re: [dev] suckless dns over http client

2018-04-03 Thread harry666t
My take - if you don't mind Go...
https://github.com/rollcat/gdoh
No forking, no dependencies outside of stdlib, async queries/responses, allows using multiple providers, 78 loc.

> I'm pretty sure DNS over HTTPS runs on top of a TCP stream and not a UDP
> stream.

In Calvin's sdohd, it's curl

Re: [dev] suckless dns over http client

2018-04-03 Thread Calvin Morrison
On 3 April 2018 at 15:43, Laslo Hunhold wrote: > On Tue, 3 Apr 2018 00:12:01 -0400 > Calvin Morrison wrote: > > Hey Calvin, > > I'm pretty sure DNS over HTTPS runs on top of a TCP stream and not a > UDP stream. > standard DNS requests are made via UDP on

Re: [dev] suckless dns over http client

2018-04-03 Thread Laslo Hunhold
On Tue, 3 Apr 2018 00:12:01 -0400 Calvin Morrison wrote:

Hey Calvin,

> Presenting sdohd(1) - simple dns over https daemon [0]f
>
> okay I wrote it see below. depends on curl, also I haven't written C in
> a long time so I didn't really have a good grasp on allocating

Re: [dev] suckless dns over http client

2018-04-02 Thread Calvin Morrison
Presenting sdohd(1) - simple dns over https daemon [0]f

okay I wrote it see below. depends on curl, also I haven't written C in a long time so I didn't really have a good grasp on allocating stuff, nor did I read the actual spec on dns so I hope bufsize = 256 is big enough for any dns response,

Re: [dev] suckless dns over http client

2018-04-02 Thread Calvin Morrison
> On 2 April 2018 at 16:56, Laslo Hunhold wrote:
> Given these circumstances, I see no elegant way to implement this in a
> suckless way given HTTP/2 requires the server to do some pretty complex
> connection-state-handling.

curl kinda sucks, but, at least it's outside of our code

Re: [dev] suckless dns over http client

2018-04-02 Thread Laslo Hunhold
On Mon, 2 Apr 2018 15:31:20 -0400 Calvin Morrison wrote:

Hey Calvin,

> In lieu of the recent 1.1.1.1 announcement, I was wondering if anyone
> has written a suckless, simple, dns over http relay? Maybe it would be
> a good thing to add to the wiki as potential ideas? The

Re: [dev] suckless dns over http client

2018-04-02 Thread Quentin Rameau
> In lieu of the recent 1.1.1.1 announcement, I was wondering if anyone
> has written a suckless, simple, dns over http relay?

haha ;)