Thursday, November 26, 2020

libusi++ shared_ptr fun

I removed my own shared_ptr<T> implementation, called ref_count<T> from libusipp. Sorry for breaking the API, but when I started the project, there was no shared_ptr<T> but now there is, and the standards version is of corse to prefer. It only comes to play when you register your own Layer2 RX or TX classes for example if you want to 'send' IP packets to a string or anything like that.

Excuse the brief README (as I just noticed), but the project is > 20y old and mainly serves internal purposes, such as qdns.

I also uploaded a new github signing key, as the old one expired.

Thursday, November 12, 2020

DoH 0-RTT trickery

I updated my DoH solution for Linux, BSD and OSX to contain more features:

* to allow certain domains to be excempted from DoH lookups and

  to be forwarded to internal DNS servers instead; in order to

  support enterprise/VPN setups where certain internal

  domains will not resolve via public DoH servers

* add 0-RTT support; unfortunately I did not find any 

  public DoH service that actually supports 0-RTT, despite some

  companies annoucing it

If you want to use 0-RTT and experiment with it, you need to build it with OpenSSL 1.1.1 or later and you need to find a DoH server supporting it. Interestingly, Cloudflare DoH servers seem to keep  TLS connections opened longer than in past. As 0-RTT only comes to play after the 1st connection by reusing TLS session tickets exchanged by the previous connection, 0-RTT will never come to play when everything works smoothly. Maybe they decided to disable 0-RTT in favor of longer lasting connections; I could not trigger 0-RTT via Cloudlfare DoH at least. If you have more infos on it, just let me know.

I also added DoH servers from switzerland to the default config, in order to distribute lookups and to avoid placing too much lookup data to the big companies.