Skip to content

2.0.9

Compare
Choose a tag to compare
@jedisct1 jedisct1 released this 11 Apr 10:41
· 1571 commits to master since this release
2.0.9
  • Whitelists have been implemented: one a name matches a pattern in the whitelist, rules from the name-based and IP-based blacklists will be bypassed. Whitelists support the same patterns as blacklists, as
    well as time-based rules, so that some website can be normally blocked, but accessible on specific days or times of the day.
  • Lists are now faster to load, and large lists require significantly less memory than before.
  • New options have been added to disable TLS session tickets as well as use a specific cipher suite. See the example configuration file for a recommended configuration to speed up DoH servers on ARM such as Android devices and Raspberry Pi.
  • The -service install command now remembers what the current directory was when the service was installed, in order to later load configuration files with relative paths.
  • DoH: The "Cache-Control: max-age" header is now ignored.
  • Patterns can now be prefixed with = to do exact matching: =example.com matches example.com but will not match www.example.com.
  • Patterns are now fully supported by the cloaking module.
  • A new option was added to use a specific cipher suite instead of the server's provided one. Using RSA+ChaChaPoly over ECDSA+AES-GCM has shown to decrease CPU usage and latency when connecting to Cloudflare, especially on Mips and ARM systems.
  • The ephemeral keys mode of dnscrypt-proxy v1.x was reimplemented: this creates a new unique key for every single query.