aboutsummaryrefslogtreecommitdiff
path: root/net/stubby/files
Commit message (Collapse)AuthorAge
* stubby: add uci support to init fileJonathan G. Underwood2018-10-14
| | | | | | | | | | | | | | | | | | This commit brings UCI support to the stubby package. o All options are documented in the README.md file. o The README.md file has been re-written to include a short usage manual. o The default configuration now includes more Cloudflare addresses. o The stubby service is (re)started using procd triggers from a specified interface with a configurable time delay. o Round robin use of upstream resolvers is now activated by default. o Client privacy is now activated by default. o Options are added for specifying the log level of the daemon and command line options passed to the stubby command. Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
* stubby: remove unnecessary core limitTony Ambardar2018-09-23
| | | | | | | | Remove the limit setting core="unlimited", since this shouldn't be needed in production use (i.e. non-debug) and on an embedded platform, which is why it's rarely used by any existing packages. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: add SPKI pin set for Cloudflare certTony Ambardar2018-09-23
| | | | | | | | | | | | | Add an SPKI pin for Cloudflare to help prevent MITM and downgrade attacks, as described in RFC7858 (DNS over TLS). The setup of SPKI and the specific SHA256 certificate hash are taken from Cloudflare's DoT configuration guide published at https://developers.cloudflare.com/1.1.1.1/dns-over-tls/. Note that the certificate is valid to March 25th 2020, 13:00 CET, which provides ample time for issuance of a backup pin to support future key rollover. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: add Cloudflare 1.0.0.1 and ::1001 serversTony Ambardar2018-09-23
| | | | Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: use EDNS client-subnet privacy by defaultTony Ambardar2018-09-23
| | | | | | | | Retain the upstream value since privacy is usually the key user motivation for using DNS-over-TLS, and simply note that those encountering sub-optimal routing may consider disabling the setting. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: Bump to 0.2.3David Mora2018-05-13
| | | | | | Update to new upstream version. Also changed to Cloudflare's DNS as default. Signed-off-by: David Mora <iamperson347+public@gmail.com>
* stubby: Bump to 0.2.2 plus updates to default configDavid Mora2018-02-21
| | | | | | Bump version plus changes to address concerns regarding default config for stubby provided with this package Signed-off-by: David Mora <iamperson347+public@gmail.com>
* stubby: Initial commit of openwrt package for stubby daemonDavid Mora2018-01-29
(This daemon utilizes the getdns library) Signed-off-by: David Mora <iamperson347+public@gmail.com>
Powered by cgit, Themed by Ted Yin.