From 61e3e00d80f47a9968a154aa702806cebd40f68b Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 27 Jan 2021 16:57:22 +0100 Subject: [PATCH 1/3] Add CI pre-check for new entries --- .github/workflows/prcheck.sh | 60 +++++++++++++++++++++++++++++++++++ .github/workflows/prcheck.yml | 17 ++++++++++ v3/public-resolvers.md | 5 ++- 3 files changed, 81 insertions(+), 1 deletion(-) create mode 100755 .github/workflows/prcheck.sh create mode 100644 .github/workflows/prcheck.yml diff --git a/.github/workflows/prcheck.sh b/.github/workflows/prcheck.sh new file mode 100755 index 00000000..0081a076 --- /dev/null +++ b/.github/workflows/prcheck.sh @@ -0,0 +1,60 @@ +#! /bin/sh + +curl -qL https://github.com/jedisct1/dnscrypt-proxy/releases/download/2.0.45/dnscrypt-proxy-linux_x86_64-2.0.45.tar.gz | tar xzvf - +cd linux-x86_64 || exit 1 + +NEW_ENTRIES="new-entries.txt" +git fetch --all +git diff origin/master | grep -F '+sdns://' | cut -d'+' -f2- | sort >"$NEW_ENTRIES" +if [ ! -s "$NEW_ENTRIES" ]; then + echo "No new entries found" + exit 0 +fi + +DUPLICATES="duplicates.txt" +uniq -d "$NEW_ENTRIES" >"$DUPLICATES" +if [ -s "$DUPLICATES" ]; then + echo "** DUPLICATES FOUND **" + cat "$DUPLICATES" + exit 1 +fi + +exit_code=0 + +CONFIG="test-dnscrypt-proxy.toml" +PIDFILE="dnscrypt-proxy.pid" +LOGFILE="dnscrypt-proxy.log" +while read -r stamp; do + echo + echo "* Checking resolver with stamp:" + echo "$stamp" + echo + cp example-dnscrypt-proxy.toml "$CONFIG" + sed -i -e 's/listen_addresses.*/listen_addresses = ["127.0.0.1:5300"]/' "$CONFIG" + sed -i -e 's/# *server_names.*/server_names = ["test"]/' "$CONFIG" + echo '[static."test"]' >>"$CONFIG" + echo "stamp = '${stamp}'" >>"$CONFIG" + ./dnscrypt-proxy -config "$CONFIG" -pidfile "$PIDFILE" -logfile "$LOGFILE" -loglevel 1 & + sleep 5 + if grep -q 'ERROR.*\[.*:.*]:' "$LOGFILE"; then + echo "(skipping due to IPv6 not being supported by GitHub Actions)" + elif ! ./dnscrypt-proxy -config "$CONFIG" -resolve example.com; then + echo "** UNABLE TO GET A RESPONSE FROM THE RESOLVER **" + echo "Bogus stamp: ${stamp}" + exit_code=1 + fi + kill $(cat "$PIDFILE") + cat "$LOGFILE" + if grep -v 'ERROR.*\[.*:.*]:' "$LOGFILE" | grep -q 'ERROR|CRITICAL|FATAL'; then + echo "** ERRORS FOUND **" + exit_code=1 + fi + echo "Done!" + echo +done <"$NEW_ENTRIES" + +if [ $exit_code != 0 ]; then + echo "** ONE OR MORE CHECKS FAILED **" +fi + +exit $exit_code diff --git a/.github/workflows/prcheck.yml b/.github/workflows/prcheck.yml new file mode 100644 index 00000000..8d4e6906 --- /dev/null +++ b/.github/workflows/prcheck.yml @@ -0,0 +1,17 @@ +name: prcheck + +on: + push: + branches: [master, next, ci] + pull_request: + branches: [master, next, ci] + workflow_dispatch: + +jobs: + prcheck: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: new entries + run: .github/workflows/prcheck.sh diff --git a/v3/public-resolvers.md b/v3/public-resolvers.md index 3d702618..cf0a88df 100644 --- a/v3/public-resolvers.md +++ b/v3/public-resolvers.md @@ -30,8 +30,9 @@ company providing Internet connectivity and VoIP in the UK. https://www.aa.net.uk/legal/dohdot-disclaimer/ -sdns://AgcAAAAAAAAADTIxNy4xNjkuMjAuMjOgPhoaD2xT8-l6SS1XCEtbmAcFnuBXqxUFh2_YP9o9uDggMob_ZaZfrzIIXuoTiMNzi6fjeHPJBszjxKKLTMKliYgNZG5zLmFhLm5ldC51awovZG5zLXF1ZXJ5 +sdns://AgcAAAAAAAAADTIxNy4xNjkuMjAuMjOgPhoaD2xT8-l6SS1XCEtbmAcFnuBXqxUFh2_YP9o9uDggMob_ZaZfrzIIXuoTiMNzi6fjeHPJBszjxKKLTMKliYgNZG5zLmFhLm5ldC51awovZG5zLXd1ZXJ5 +sdns://AgcAAAAAAAAADTIxNy4xNjkuMjAuMjOgPhoaD2xT8-l6SS1XCEtbmAcFnuBXqxUFh2_YP9o9uDggMob_ZaZfrzIIXuoTiMNzi6fjeHPJBszjxKKLTMKliYgNZG5zLmFhLm5ldC51awovZG5zLXF1ZXJ5 ## aaflalo-me-gcp @@ -69,6 +70,8 @@ Public non-censoring, non-logging, DNSSEC-capable, DNSCrypt-enabled DNS resolver sdns://AQcAAAAAAAAAFlsyMDAxOmJjODoxODI0OjczODo6MV0gAyfzz5J-mV9G-yOB4Hwcdk7yX12EQs5Iva7kV3oGtlEgMi5kbnNjcnlwdC1jZXJ0LmFjc2Fjc2FyLWFtcy5jb20 +sdns://AQcAAAAAAAAAFlsyMDAxOmJjODoxODI0OjczODo6MV0gAyfzz5J-mV9G-yOB4Hwcdk7yX12EQs5Iva7kV3oGtlEgMi5kbnNjcnlwdC1jZXJ0LmFjc2Fjc2FyLWFtcy5jb20 + ## adfree.usableprivacy.net From 5cf61253321d48070fa0892d9a7e922106a375fd Mon Sep 17 00:00:00 2001 From: joker349 <77852974+joker349@users.noreply.github.com> Date: Wed, 27 Jan 2021 21:53:50 +0530 Subject: [PATCH 2/3] add dns.therifleman.name (#410) add dns.therifleman.name --- v3/public-resolvers.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/v3/public-resolvers.md b/v3/public-resolvers.md index cf0a88df..05f8348b 100644 --- a/v3/public-resolvers.md +++ b/v3/public-resolvers.md @@ -827,6 +827,15 @@ https://dns.sb sdns://AgUAAAAAAAAAAAAKZG9oLmRucy5zYgovZG5zLXF1ZXJ5 +## dns.therifleman.name + +DNS-over-HTTPS DNS resolver from Mumbai, India. Blocks Web and Android trackers and Ads. +Hosted on Linode instance. 24hrs logging (for debugging). No DNS query data is shared with anybody. +Report issues, send suggestions @ joker349 at protonmail.com. Also supports DoT (for android) @ dns.therifleman.name and plain DNS @ 172.104.206.174 + +sdns://AgEAAAAAAAAADzE3Mi4xMDQuMjA2LjE3NAAUZG5zLnRoZXJpZmxlbWFuLm5hbWUKL2Rucy1xdWVyeQ + + ## dnscrypt-ch-blahdns-ipv4 Blocks ad and Tracking, no Logging, DNSSEC, Hosted in Switzerland. By https://blahdns.com/ From 1881d0cbdd1c3bcbb7aecf036856c1016763f104 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 27 Jan 2021 17:31:51 +0100 Subject: [PATCH 3/3] Sign --- v2/public-resolvers.md | 10 ++++++++++ v2/public-resolvers.md.minisig | 6 +++--- v3/public-resolvers.md | 14 ++++++-------- v3/public-resolvers.md.minisig | 6 +++--- 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/v2/public-resolvers.md b/v2/public-resolvers.md index 0bff8639..d8de838f 100644 --- a/v2/public-resolvers.md +++ b/v2/public-resolvers.md @@ -811,6 +811,16 @@ https://dns.sb sdns://AgUAAAAAAAAAAAAKZG9oLmRucy5zYgovZG5zLXF1ZXJ5 +## dns.therifleman.name + +DNS-over-HTTPS DNS forwarder from Mumbai, India. Blocks web and Android trackers and ads. +Forwards queries to Linode DNS resolvers. 24hrs logging (for debugging). +Report issues, send suggestions @ joker349 at protonmail.com. +Also supports DoT (for android) @ dns.therifleman.name and plain DNS @ 172.104.206.174 + +sdns://AgEAAAAAAAAADzE3Mi4xMDQuMjA2LjE3NCAyhv9lpl-vMghe6hOIw3OLp-N4c8kGzOPEootMwqWJiBRkbnMudGhlcmlmbGVtYW4ubmFtZQovZG5zLXF1ZXJ5 + + ## dnscrypt-ch-blahdns-ipv4 Blocks ad and Tracking, no Logging, DNSSEC, Hosted in Switzerland. By https://blahdns.com/ diff --git a/v2/public-resolvers.md.minisig b/v2/public-resolvers.md.minisig index 0e391c92..5fdcc758 100644 --- a/v2/public-resolvers.md.minisig +++ b/v2/public-resolvers.md.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RWQf6LRCGA9i5wuPPoJMyESopKVlAx0MOrHsBFifKeozeXdXmSGc8BMVrFXr6P71ejZNsXclwR10sPCwQQKAksIha9MQzZh/LA8= -trusted comment: timestamp:1611605228 file:public-resolvers.md -r3mOY+Jn8BYUaqA9siPteerJVKTaZG8tZ8sJ/wigApAfqRqrvjfB2W7N7z4VjmPvb9tabpI/QXPmrskqmawZDg== +RWQf6LRCGA9i5xaXJVLVjckRKSv8hBYaCp9cFyz9MMkF1EN3s/iempW6p0kt0FXXFkJ7vENc8nq7A5NAs4m1rVW3M3izNeWblA8= +trusted comment: timestamp:1611765198 file:public-resolvers.md +qQ8vSSJbgxwP5lLW2S9jZLdjCH55iQEi1oiwA+f3XhnO+yHszll0XX85zm4Lyy4uUZEaU0aJrJ8F9BZXplfOAw== diff --git a/v3/public-resolvers.md b/v3/public-resolvers.md index 05f8348b..c5f6051c 100644 --- a/v3/public-resolvers.md +++ b/v3/public-resolvers.md @@ -30,10 +30,9 @@ company providing Internet connectivity and VoIP in the UK. https://www.aa.net.uk/legal/dohdot-disclaimer/ -sdns://AgcAAAAAAAAADTIxNy4xNjkuMjAuMjOgPhoaD2xT8-l6SS1XCEtbmAcFnuBXqxUFh2_YP9o9uDggMob_ZaZfrzIIXuoTiMNzi6fjeHPJBszjxKKLTMKliYgNZG5zLmFhLm5ldC51awovZG5zLXd1ZXJ5 - sdns://AgcAAAAAAAAADTIxNy4xNjkuMjAuMjOgPhoaD2xT8-l6SS1XCEtbmAcFnuBXqxUFh2_YP9o9uDggMob_ZaZfrzIIXuoTiMNzi6fjeHPJBszjxKKLTMKliYgNZG5zLmFhLm5ldC51awovZG5zLXF1ZXJ5 + ## aaflalo-me-gcp Same as aaflalo-me-nyc. Use aaflalo-me-nyc. @@ -70,8 +69,6 @@ Public non-censoring, non-logging, DNSSEC-capable, DNSCrypt-enabled DNS resolver sdns://AQcAAAAAAAAAFlsyMDAxOmJjODoxODI0OjczODo6MV0gAyfzz5J-mV9G-yOB4Hwcdk7yX12EQs5Iva7kV3oGtlEgMi5kbnNjcnlwdC1jZXJ0LmFjc2Fjc2FyLWFtcy5jb20 -sdns://AQcAAAAAAAAAFlsyMDAxOmJjODoxODI0OjczODo6MV0gAyfzz5J-mV9G-yOB4Hwcdk7yX12EQs5Iva7kV3oGtlEgMi5kbnNjcnlwdC1jZXJ0LmFjc2Fjc2FyLWFtcy5jb20 - ## adfree.usableprivacy.net @@ -829,11 +826,12 @@ sdns://AgUAAAAAAAAAAAAKZG9oLmRucy5zYgovZG5zLXF1ZXJ5 ## dns.therifleman.name -DNS-over-HTTPS DNS resolver from Mumbai, India. Blocks Web and Android trackers and Ads. -Hosted on Linode instance. 24hrs logging (for debugging). No DNS query data is shared with anybody. -Report issues, send suggestions @ joker349 at protonmail.com. Also supports DoT (for android) @ dns.therifleman.name and plain DNS @ 172.104.206.174 +DNS-over-HTTPS DNS forwarder from Mumbai, India. Blocks web and Android trackers and ads. +Forwards queries to Linode DNS resolvers. 24hrs logging (for debugging). +Report issues, send suggestions @ joker349 at protonmail.com. +Also supports DoT (for android) @ dns.therifleman.name and plain DNS @ 172.104.206.174 -sdns://AgEAAAAAAAAADzE3Mi4xMDQuMjA2LjE3NAAUZG5zLnRoZXJpZmxlbWFuLm5hbWUKL2Rucy1xdWVyeQ +sdns://AgEAAAAAAAAADzE3Mi4xMDQuMjA2LjE3NCAyhv9lpl-vMghe6hOIw3OLp-N4c8kGzOPEootMwqWJiBRkbnMudGhlcmlmbGVtYW4ubmFtZQovZG5zLXF1ZXJ5 ## dnscrypt-ch-blahdns-ipv4 diff --git a/v3/public-resolvers.md.minisig b/v3/public-resolvers.md.minisig index f56a459a..372c8435 100644 --- a/v3/public-resolvers.md.minisig +++ b/v3/public-resolvers.md.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RWQf6LRCGA9i5yaUhlSA7hP+bLiTtpOJJp+EGsq1a4bc+JVkY43xXuITENu7ed0Jq1gvmGB2J3apGZ+F8qQ9rD8hPa1a1BRvDws= -trusted comment: timestamp:1611605228 file:public-resolvers.md -S4ZxLK2kXBGcftg80UpIEtiTlUstNl6aDApb1MYaj9lYYKX5cNt77YTlTZmGRm2r/qoQ3FblB3HYusupM3hxDg== +RWQf6LRCGA9i5652Bleg7xaWEiMCN8AU2Ms5gtDgwo0dYQWOuHxiEFT22dvqKkDFXS1vl4LCfiYvvvFtEyHHr4FH9zW7DNgZ/go= +trusted comment: timestamp:1611765198 file:public-resolvers.md +Bw8oHNJHDrjXmikY2iB8OitLWmCFy935Pg6SXL3qI8i6TMnquc9CJcnAOvq492dDrvhTNGxQkd0srurexhuRAQ==