daxi20/smartdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

readme: Add instructions on how to get SPKI

Browse Source
This commit is contained in:
Nick Peng
2022-02-16 20:45:05 +08:00
parent f29e292a41
commit 45180c0dd6
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ReadMe.md
View File

@@ -657,6 +657,13 @@ https://github.com/pymumu/smartdns/releases
bind [::]:6053 -no-speed-check -group office -no-rule-addr
```
1. DOT的SPKI如何获取
SPKI可以通过DNS服务商发布的页面获取如果没有发布可以通过如下命令获取其中将对应IP地址更换为要获取SPKI的IP地址。
```sh
echo | openssl s_client -connect '1.0.0.1:853' 2>/dev/null | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
```
## 编译
smartdns包含了编译软件包的脚本支持编译lucidebianopenwrtoptare安装包可执行`package/build-pkg.sh`编译。

9
ReadMe_en.md
View File

@@ -638,7 +638,7 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
Enable cache serve expired feature with `serve-expired yes` to improve the cache hit rate and reduce the CPU consumption.
This feature will return TTL = 0 to the client after the TTL timeout, and send a new query request again at the same time, and cache the new results for later query.
1. How does the second DNS customize more behavior?
1. How does the second DNS customize more behavior?
The second DNS can be used as the upstream of other DNS servers to provide more query behaviors. Bind configuration support can bind multiple ports. Different ports can be set with different flags to implement different functions, such as
```sh
@@ -646,6 +646,13 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
bind [::]:6053 -no-speed-check -group office -no-rule-addr
```
1. How to get SPKI of DOT
The SPKI can be obtained from the page published by the DNS service provider. If it is not published, it can be obtained by the following command, replace IP with your own IP.
````sh
echo | openssl s_client -connect '1.0.0.1:853' 2>/dev/null | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
````
## Compile
smartdns contains scripts for compiling packages, supports compiling luci, debian, openwrt, opare installation packages, and can execute `package/build-pkg.sh` compilation.