Updated dnscrypt-proxy to 2.0.42

Author: bitbeans

SimpleDnsCrypt/DNSx64/dnscrypt-proxy.exe

@@ -43,6 +43,8 @@ public class DnscryptProxyConfiguration : PropertyChangedBase
 		private int _log_files_max_age;
 		private int _log_files_max_backups;
 		private bool _block_ipv6;
+		private bool _block_unqualified;
+		private bool _block_undelegated;
 		private int _reject_ttl;
 		private string _forwarding_rules;
 		private string _cloaking_rules;
@@ -52,7 +54,7 @@ public class DnscryptProxyConfiguration : PropertyChangedBase
 		private int _cache_min_ttl;
 		private int _cache_size;
 		private bool _cache;
-		private string _fallback_resolver;
+		private ObservableCollection<string> _fallback_resolvers;
 		private bool _ignore_system_dns;
 		private Dictionary<string, Static> _static;
 		private string _proxy;
@@ -489,24 +491,29 @@ public int cert_refresh_delay
 		}
 
 		/// <summary>
-		///     Fallback resolver
-		///     This is a normal, non-encrypted DNS resolver, that will be only used
-		///     for one-shot queries when retrieving the initial resolvers list, and
-		///     only if the system DNS configuration doesn't work.
-		///     No user application queries will ever be leaked through this resolver,
-		///     and it will not be used after IP addresses of resolvers URLs have been found.
-		///     It will never be used if lists have already been cached, and if stamps
-		///     don't include host names without IP addresses.
-		///     It will not be used if the configured system DNS works.
-		///     A resolver supporting DNSSEC is recommended. This may become mandatory.
+		///     Fallback resolvers
+		/// 	These are normal, non-encrypted DNS resolvers, that will be only used
+		/// 	for one-shot queries when retrieving the initial resolvers list, and
+		/// 	only if the system DNS configuration doesn't work.
+		/// 	No user application queries will ever be leaked through these resolvers,
+		/// 	and they will not be used after IP addresses of resolvers URLs have been found.
+		/// 	They will never be used if lists have already been cached, and if stamps
+		/// 	don't include host names without IP addresses.
+		/// 	They will not be used if the configured system DNS works.
+		/// 	Resolvers supporting DNSSEC are recommended.
+		/// 	
+		/// 	People in China may need to use 114.114.114.114:53 here.
+		/// 	Other popular options include 8.8.8.8 and 1.1.1.1.
+		/// 	
+		/// 	If more than one resolver is specified, they will be tried in sequence.
 		/// </summary>
-		public string fallback_resolver
+		public ObservableCollection<string> fallback_resolvers
 		{
-			get => _fallback_resolver;
+			get => _fallback_resolvers;
 			set
 			{
-				_fallback_resolver = value;
-				NotifyOfPropertyChange(() => fallback_resolver);
+				_fallback_resolvers = value;
+				NotifyOfPropertyChange(() => fallback_resolvers);
 			}
 		}
 
@@ -578,6 +585,33 @@ public bool block_ipv6
 			}
 		}
 
+		/// <summary>
+		///     Immediately respond to A and AAAA queries for host names without a domain name.
+		/// </summary>
+		public bool block_unqualified
+		{
+			get => _block_unqualified;
+			set
+			{
+				_block_unqualified = value;
+				NotifyOfPropertyChange(() => block_unqualified);
+			}
+		}
+
+		/// <summary>
+		///     Immediately respond to queries for local zones instead of leaking them to
+		///     upstream resolvers (always causing errors or timeouts).
+		/// </summary>
+		public bool block_undelegated
+		{
+			get => _block_undelegated;
+			set
+			{
+				_block_undelegated = value;
+				NotifyOfPropertyChange(() => block_undelegated);
+			}
+		}
+
 		/// <summary>
 		///		TTL for synthetic responses sent when a request has been blocked (due to IPv6 or blacklists).
 		/// </summary>

SimpleDnsCrypt/DNSx86/dnscrypt-proxy.exe

@@ -460,9 +460,12 @@ public void Initialize()
 				}
 			}
 
-			if (DnscryptProxyConfiguration?.fallback_resolver != null)
+			if (DnscryptProxyConfiguration?.fallback_resolvers != null)
 			{
-				FallbackResolver = DnscryptProxyConfiguration.fallback_resolver;
+				if (DnscryptProxyConfiguration.fallback_resolvers.Count > 0)
+				{
+					FallbackResolvers = DnscryptProxyConfiguration.fallback_resolvers;
+				}
 			}
 
 			if (!string.IsNullOrEmpty(DnscryptProxyConfiguration?.cloaking_rules))
@@ -655,6 +658,11 @@ public void Proxies()
 			}
 		}
 
+		public async void ManageFallbackResolvers()
+		{
+
+		}
+
 		public async void ListenAddresses()
 		{
 			dynamic settings = new ExpandoObject();
@@ -1226,15 +1234,15 @@ public bool IsUninstallingService
 
 		#endregion
 
-		private string _fallbackResolver;
-		public string FallbackResolver
+		private ObservableCollection<string> _fallbackResolvers;
+		public ObservableCollection<string> FallbackResolvers
 		{
-			get => _fallbackResolver;
+			get => _fallbackResolvers;
 			set
 			{
-				_fallbackResolver = value;
-				ValidateFallbackResolver();
-				NotifyOfPropertyChange(() => FallbackResolver);
+				_fallbackResolvers = value;
+				ValidateFallbackResolvers();
+				NotifyOfPropertyChange(() => FallbackResolvers);
 			}
 		}
 
@@ -1250,26 +1258,30 @@ public IEnumerable GetErrors(string propertyName)
 		public bool HasErrors => _validationErrors.Any();
 
 
-		private void ValidateFallbackResolver()
+		private void ValidateFallbackResolvers()
 		{
-			if (string.IsNullOrEmpty(_fallbackResolver))
-			{
-				_validationErrors.Add("FallbackResolver", "invalid");
-			}
-			else
+			var validatedFallbackResolvers = new ObservableCollection<string>();
+			foreach (var fallbackResolver in _fallbackResolvers)
 			{
-				var validatedFallbackResolver = ValidationHelper.ValidateIpEndpoint(_fallbackResolver);
-				if (!string.IsNullOrEmpty(validatedFallbackResolver))
+				if (string.IsNullOrEmpty(fallbackResolver))
 				{
-					_fallbackResolver = validatedFallbackResolver;
-					DnscryptProxyConfiguration.fallback_resolver = _fallbackResolver;
-					_validationErrors.Remove("FallbackResolver");
+					_validationErrors.Add("FallbackResolvers", "invalid");
 				}
 				else
 				{
-					_validationErrors.Add("FallbackResolver", "invalid");
+					var validatedFallbackResolver = ValidationHelper.ValidateIpEndpoint(fallbackResolver);
+					if (!string.IsNullOrEmpty(validatedFallbackResolver))
+					{
+						validatedFallbackResolvers.Add(validatedFallbackResolver);
+						_validationErrors.Remove("FallbackResolvers");
+					}
+					else
+					{
+						_validationErrors.Add("FallbackResolvers", "invalid");
+					}
 				}
 			}
+			DnscryptProxyConfiguration.fallback_resolvers = validatedFallbackResolvers;
 		}
 
 		#region Tray

SimpleDnsCrypt/Models/DnscryptProxyConfiguration.cs

@@ -844,7 +844,10 @@
                                                        VerticalAlignment="Bottom"
                                                        HorizontalAlignment="Left" Margin="0,0,0,5">
                                             </TextBlock>
-                                            <TextBox
+                                            <Button IsEnabled="{Binding IsWorkingOnService, Converter={StaticResource ReverseBoolToEnabledConverter}}" Width="Auto"
+                                                    Grid.Row="0" Grid.Column="1" Cursor="Hand" Content="{lex:Loc Key=address_settings_manage_fallback_resolvers}" x:Name="ManageFallbackResolvers" Margin="0,0,0,5"
+                                                    HorizontalAlignment="Right" Style="{DynamicResource CustomAccentedSquareButtonStyle}" VerticalAlignment="Top"></Button>
+                                            <!--<TextBox
                                                 IsEnabled="{Binding IsWorkingOnService, Converter={StaticResource ReverseBoolToEnabledConverter}}"
                                                 Grid.Row="0" Grid.Column="1" Cursor="Hand" MinWidth="65" Width="Auto"
                                                 Text="{Binding FallbackResolver}"
@@ -861,7 +864,7 @@
                                                         </Grid>
                                                     </ControlTemplate>
                                                 </Validation.ErrorTemplate>
-                                            </TextBox>
+                                            </TextBox>-->
                                         </Grid>
                                         <!-- Fallback Resolver end -->
                                         <!-- Netprobe Timeout begin -->

SimpleDnsCrypt/ViewModels/MainViewModel.cs

@@ -11,14 +11,16 @@ force_tcp = false
 timeout = 5000
 keepalive = 30
 cert_refresh_delay = 240
-fallback_resolver = '9.9.9.9:53'
+fallback_resolvers = ['9.9.9.9:53', '8.8.8.8:53']
 ignore_system_dns = true
 netprobe_timeout = 60
 netprobe_address = '9.9.9.9:53'
 log_files_max_size = 10
 log_files_max_age = 7
 log_files_max_backups = 1
 block_ipv6 = true
+block_unqualified = true
+block_undelegated = true
 reject_ttl = 600
 cache = true
 cache_size = 1024