Commit graph

146 commits

Author SHA1 Message Date
Willem Toorop
75f3fbdd65 Downstream DNS Cookies a la RFC7873 and RFC9018
Create server cookies for clients that send client cookies.
Needs to be turned on in the config file with:

	answer-cookie: yes

A cookie-secret can be configured for anycast setups.
Also adds an access control list that will allow queries with
either a valid cookie or over a stateful transport.
2022-09-28 10:28:19 +02:00
George Thessalonikefs
efdd70c7b5 - Cleanup some comments and TODO text. 2022-07-23 19:55:15 +02:00
W.C.A. Wijngaards
2abd6f7d58 - Fix dname count in sldns parse type descriptor for SVCB and HTTPS. 2022-07-12 13:29:51 +02:00
Philip Homburg
0e1c266f86 Fix issue with lines that only consist of blanks with optional comment 2022-06-13 11:41:14 +02:00
W.C.A. Wijngaards
11d077c826 - Fix some lint type warnings. 2022-05-20 15:32:27 +02:00
tcarpay
0ce36e8289 Add the basic EDE (RFC8914) cases (#604) 2022-05-06 12:48:53 +02:00
W.C.A. Wijngaards
8f8a8a341a - Fix spelling error in comment in sldns_str2wire_svcparam_key_lookup. 2022-03-25 16:07:23 +01:00
W.C.A. Wijngaards
402135b41a - Fix to ensure uniform handling of spaces and tabs when parsing RRs. 2022-03-16 09:54:53 +01:00
W.C.A. Wijngaards
b202b0874c - Fix for #637: fix integer overflow checks in sldns_str2period. 2022-03-03 16:24:46 +01:00
W.C.A. Wijngaards
debe5c665f - Fix #637: Integer Overflow in sldns_str2period function. 2022-03-03 14:19:59 +01:00
Dimitris Apostolou
c7be51a11b Fix typos 2022-02-18 15:51:03 +02:00
W.C.A. Wijngaards
c29b0e0a96 - Fix for #611: Integer overflow in sldns_wire2str_pkt_scan. 2022-02-03 09:03:09 +01:00
George Thessalonikefs
506d24c7a6 Changelog entry for #532
- Merge PR #532 from Shchelk: Fix: buffer overflow bug.
2022-02-02 10:48:56 +01:00
George Thessalonikefs
d81e1c999b Merge branch 'bufferoverflow' of https://github.com/Shchelk/unbound into Shchelk-bufferoverflow 2022-02-02 10:42:06 +01:00
gthess
1199482372 Merge pull request #603 from fobser/dsa_rsa_internals
Use OpenSSL 1.1 API to access DSA and RSA internals
2022-02-01 17:58:11 +01:00
gthess
b93aa79a05 Prefer the libressl API from when it was available 2022-02-01 17:54:42 +01:00
W.C.A. Wijngaards
12a1053dfa - Fix #610: Undefine-shift in sldns_str2wire_hip_buf. 2022-01-25 08:57:49 +01:00
Florian Obser
ff35659d5a Use OpenSSL 1.1 API to access DSA and RSA internals
In LibreSSL 3.5, DSA and RSA internals will become opaque, so they can
no longer be accessed directly and the libunbound build will break. The
required API, DSA_set0_pqg(), DSA_set0_key() as well as RSA_set0_key(),
has been available since LibreSSL 2.7, so this change should not affect
any users.

From Theo Buehler.
2022-01-11 15:34:25 +01:00
W.C.A. Wijngaards
778b50f113 - Add code similar to fix for ldns for tab between strings, for
consistency, the test case was not broken.
2021-12-10 09:12:58 +01:00
Dimitris Apostolou
c21d6af617 Fix typos 2021-11-13 16:56:15 +02:00
Shchelkunov Artem
0b362e3a4d Fix: buffer overflow bug
Found by static analyzer svace
Static analyzer message: Array 'token' of size 65536 bytes passed to
function 'rrinternal_parse_rdata' at str2wire.c:679 by passing as 2nd
parameter to function 'rrinternal_parse_rdata' at str2wire.c:775, where
it is accessed by unacceptable index. This may lead to buffer overflow.

on-behalf-of: @ideco-team <github@ideco.ru>
2021-08-20 19:46:01 +05:00
Florian Obser
25b7eb3c7c Make sldns_str2wire_svcparam_buf() static.
The function is only used in this translation unit and prevents a "no
previous prototype" warning.
2021-08-16 11:27:40 +02:00
W.C.A. Wijngaards
0bdcbc80b9 - Move ECDSA functions to use OpenSSL 3.0.0 API. 2021-08-02 15:06:26 +02:00
W.C.A. Wijngaards
d242bfb73b - Move RSA and DSA to use OpenSSL 3.0.0 API. 2021-08-02 14:43:51 +02:00
W.C.A. Wijngaards
ca00814e67 - Prepare for OpenSSL 3.0.0 provider API usage, move the sldns
keyraw functions to produce EVP_PKEY results.
2021-08-02 13:33:32 +02:00
W.C.A. Wijngaards
ca5baef433 - Fix that ldns_zone_new_frm_fp_l counts the line number for an empty
line after a comment.
2021-07-21 13:58:07 +02:00
George Thessalonikefs
11d3cea823 - Fix compiler warnings for #491. 2021-07-05 15:36:27 +02:00
Tom Carpay
711087bb13 rename var to remove shadow variable 2021-07-02 14:15:33 +02:00
Tom Carpay
ab017cde0f Merge branch 'master' into svcb 2021-07-02 13:37:08 +02:00
tcarpay
877aa8df55 Apply suggestions from code review
Co-authored-by: Willem Toorop <willem@nlnetlabs.nl>
2021-07-02 13:14:47 +02:00
Tom Carpay
a6020e4186 change test and error to be in line with new maximum svcb params (nparams >= MAX_NUMBER_OF_SVCPARAMS) 2021-07-02 11:21:19 +02:00
Tom Carpay
543d6d5c13 fix final comment: remove superfluous assert 2021-07-02 10:53:50 +02:00
Tom Carpay
3d50c25f5b fix comments - 1 2021-07-01 16:59:48 +02:00
tcarpay
e41125495d Apply suggestions from code review
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
2021-07-01 12:45:14 +02:00
tcarpay
9880077190 Apply suggestions from code review
Co-authored-by: Willem Toorop <willem@nlnetlabs.nl>
2021-06-24 11:20:41 +02:00
tcarpay
8f27a67d01 Add code point comment to HTTPS
Co-authored-by: Willem Toorop <willem@nlnetlabs.nl>
2021-06-24 09:45:08 +02:00
Tom Carpay
cf02b31675 comment out semantic errors to default to secondary resolver behaviour 2021-06-23 15:03:35 +02:00
Tom Carpay
ff41de4ec3 resolve comments 2021-06-23 14:44:03 +02:00
W.C.A. Wijngaards
9d681b627f - Fix #503: DNS over HTTPS response truncated. 2021-06-23 14:05:59 +02:00
Tom Carpay
f02d9b5963 fix broken ci-build 2021-06-23 11:04:19 +02:00
tcarpay
eb9891f4ed Apply suggestions from code review
Co-authored-by: Willem Toorop <willem@nlnetlabs.nl>
2021-06-23 10:53:11 +02:00
Tom Carpay
307613ea83 comment changes 2021-06-07 15:29:06 +02:00
Tom Carpay
9beea6a00c fix key parsing and incorporate testcases 2021-06-07 14:05:14 +02:00
Tom Carpay
7562edbb8c remove superfluous double escaping 2021-06-07 08:39:05 +00:00
Tom Carpay
19c63fdaf6 add key parsing and edge case tests 2021-06-07 09:54:02 +02:00
Tom Carpay
24faac236d implement todos 2021-06-02 16:26:30 +02:00
Willem Toorop
cf8418c319 Rewrite SVCB rdata in correct order 2021-06-02 12:56:54 +02:00
Willem Toorop
e5acb8f638 Correct sorting of rdata 2021-06-02 12:50:04 +02:00
Tom Carpay
41f642bfb9 add error handling 2021-06-02 12:27:48 +02:00
Tom Carpay
e89743b2b8 add check_svcbparams 2021-06-02 10:10:05 +02:00