upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-27 18:20:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
5068 commits 23 branches 209 tags 124 MiB
Commit graph

314 commits

Author SHA1 Message Date
W.C.A. Wijngaards
bdb6c153e4 - Please doxygen's parser for "@" occurrence in doxygen comment. 2019-08-16 12:21:40 +02:00
W.C.A. Wijngaards
b4b0065554 Fixup space in error message. 2019-07-19 12:51:37 +02:00
W.C.A. Wijngaards
c94e13220b - Fix #49: Set no renegotiation on the SSL context to stop client 
session renegotiation.
 2019-07-19 08:18:06 +02:00
W.C.A. Wijngaards
36819adcc2 Nicer spelling and layout. 2019-06-25 15:14:07 +02:00
W.C.A. Wijngaards
da46ea24d5 - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf 
when do-not-query-localhost is turned on, or at default on,
  unbound-checkconf prints a warning if it is found in forward-addr or
  stub-addr statements.
 2019-06-25 14:50:49 +02:00
Kevin Chu
1a48bdebb5 Add support for ipset 2019-05-02 19:43:30 +08:00
Wouter Wijngaards
510606dd1c - Patch for TLS session resumption from Manabu Sonoda, 
enable with tls-session-ticket-keys in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@5059 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 09:35:52 +00:00
Wouter Wijngaards
8b18d1a0a4 - unbound-control stats has mem.streamwait that counts TCP and TLS 
waiting result buffers.


git-svn-id: file:///svn/unbound/trunk@5050 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-22 13:20:06 +00:00
Wouter Wijngaards
81ded6124d - Fix that unbound-checkconf does not complains if the config file 
is not placed inside the chroot.


git-svn-id: file:///svn/unbound/trunk@4995 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 12:55:13 +00:00
Wouter Wijngaards
59e6f149a7 - Fix that unbound-control can send file for view_local_datas. 
git-svn-id: file:///svn/unbound/trunk@4978 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-26 13:55:36 +00:00
Wouter Wijngaards
470806b097 - Add unbound-control view_local_datas command, like local_datas. 
git-svn-id: file:///svn/unbound/trunk@4977 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-26 13:37:23 +00:00
Wouter Wijngaards
6429b5c298 - Fix #4192: unbound-control-setup generates keys not readable by 
group.


git-svn-id: file:///svn/unbound/trunk@4942 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-22 10:07:13 +00:00
Wouter Wijngaards
d275505df6 - annotate exit functions with noreturn in unbound-control. 
git-svn-id: file:///svn/unbound/trunk@4906 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 14:43:43 +00:00
Wouter Wijngaards
f7516e6b2b - nicer bio free code in unbound-anchor. 
git-svn-id: file:///svn/unbound/trunk@4905 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 12:49:37 +00:00
Wouter Wijngaards
2e9d09b961 - initialize statistics totals for printout. 
- in authzone check that node exists before adding rrset.
	- in unbound-anchor, use readwrite memory BIO.
	- assertion in autotrust that packed rrset is formed correctly.


git-svn-id: file:///svn/unbound/trunk@4903 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 12:20:41 +00:00
Wouter Wijngaards
9a82526b91 - exit log routine is annotated as noreturn function. 
- free memory leaks in config strlist and str2list insert functions.
- do not move unused argv variable after getopt.
- Remove unused if clause in testcode.


git-svn-id: file:///svn/unbound/trunk@4896 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 08:58:21 +00:00
Wouter Wijngaards
00ba747be7 - #4146: num.query.subnet and num.query.subnet_cache counters. 
git-svn-id: file:///svn/unbound/trunk@4867 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 14:14:28 +00:00
Wouter Wijngaards
a07337fd6d Breakout at end. 
git-svn-id: file:///svn/unbound/trunk@4845 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 09:07:31 +00:00
Wouter Wijngaards
c580e0e33c Fixup 
git-svn-id: file:///svn/unbound/trunk@4843 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 08:46:13 +00:00
Wouter Wijngaards
d2f7999b4e - unbound-checkconf checks if modules exist and prints if they are 
not compiled in the name of the wrong module.


git-svn-id: file:///svn/unbound/trunk@4842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 08:33:56 +00:00
Wouter Wijngaards
586b811b87 - Patch to implement tcp-connection-limit from Jim Hague (Sinodun). 
This limits the number of simultaneous TCP client connections
  from a nominated netblock.
And a simple test for TCP connection limit.


git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 11:57:42 +00:00
George Thessalonikefs
749d1b9ebc - Expose if a query (or a subquery) was ratelimited (not src IP 
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Tidy pylib tests.


git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 14:00:46 +00:00
Wouter Wijngaards
c887ae1022 - Fix #4139: Fix unbound-host leaks memory on ANY. 
git-svn-id: file:///svn/unbound/trunk@4821 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 11:58:19 +00:00
Wouter Wijngaards
38e77d50f2 - Fix #4129 unbound-control error message with wrong cert permissions 
is too cryptic.


git-svn-id: file:///svn/unbound/trunk@4791 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-19 06:22:11 +00:00
Wouter Wijngaards
81e9f82a8d - Fix #4112: Fix that unbound-anchor -f /etc/resolv.conf will not pass 
if DNSSEC is not enabled.  New option -R allows fallback from
  resolv.conf to direct queries.


git-svn-id: file:///svn/unbound/trunk@4770 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-04 10:02:16 +00:00
Wouter Wijngaards
755233c720 - num.queries.tls counter for queries over TLS. 
git-svn-id: file:///svn/unbound/trunk@4759 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-28 08:15:47 +00:00
Wouter Wijngaards
025fdd0049 Document behaviour. 
git-svn-id: file:///svn/unbound/trunk@4753 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-21 12:51:14 +00:00
Wouter Wijngaards
5bb6dbe21c And moved -C to front. 
git-svn-id: file:///svn/unbound/trunk@4752 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-21 12:39:49 +00:00
Wouter Wijngaards
c225ced1a9 - Fix usage printout for unbound-host, hostname has to be last 
argument on BSDs and Windows.


git-svn-id: file:///svn/unbound/trunk@4751 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-21 12:31:42 +00:00
Wouter Wijngaards
8c044a616b - Fix windows unbound-control no cert bad file descriptor error. 
git-svn-id: file:///svn/unbound/trunk@4746 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-19 13:13:35 +00:00
Wouter Wijngaards
7b092127cb - Fix for unbound-control on Windows and set TCP socket parameters 
more closely.


git-svn-id: file:///svn/unbound/trunk@4743 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-19 09:40:59 +00:00
Wouter Wijngaards
b26257248d - Fix unbound-checkconf for control-use-cert. 
git-svn-id: file:///svn/unbound/trunk@4742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 12:15:21 +00:00
Wouter Wijngaards
c15eae814f - Fix that control-use-cert: no works for 127.0.0.1 to disable certs. 
git-svn-id: file:///svn/unbound/trunk@4738 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 09:04:35 +00:00
Wouter Wijngaards
abff4d1237 - unbound-control auth_zone_transfer _zone_ option starts the probe 
sequence for a master to transfer the zone from and transfers when
  a new zone version is available.


git-svn-id: file:///svn/unbound/trunk@4736 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-15 15:01:31 +00:00
Wouter Wijngaards
386f23334b - unbound-control auth_zone_reload _zone_ option rereads the zonefile. 
git-svn-id: file:///svn/unbound/trunk@4735 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-15 13:42:41 +00:00
Wouter Wijngaards
9cb404ba5f - Fix that first control-interface determines if TLS is used. Warn 
when IP address interfaces are used without TLS.


git-svn-id: file:///svn/unbound/trunk@4730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-14 08:14:43 +00:00
Wouter Wijngaards
7153c94bd7 Fixup error print for unix pipe. 
git-svn-id: file:///svn/unbound/trunk@4720 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 08:15:44 +00:00
Wouter Wijngaards
7fd32916e8 - #4102 for NSD, but for Unbound. Named unix pipes do not use 
certificate and key files, access can be restricted with file and
  directory permissions.  The option control-use-cert is no longer
  used, and ignored if found in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 07:43:52 +00:00
Wouter Wijngaards
6b28c8ace2 - unbound-host initializes ssl (for potential DNS-over-TLS usage 
inside libunbound).


git-svn-id: file:///svn/unbound/trunk@4690 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-24 12:30:13 +00:00
Wouter Wijngaards
ea6266f736 - list_auth_zones unbound-control command. 
git-svn-id: file:///svn/unbound/trunk@4650 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 14:42:30 +00:00
Wouter Wijngaards
9d28279475 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: file:///svn/unbound/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
Ralph Dolmans
6ef9cafc0e - num.query.aggressive.NOERROR and num.query.aggressive.NXDOMAIN statistics 
counters


git-svn-id: file:///svn/unbound/trunk@4616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-10 11:39:23 +00:00
Wouter Wijngaards
89ad258515 - num.query.authzone.up and num.query.authzone.down statistics counters. 
- Fix downstream auth zone, only fallback when auth zone fails to
  answer and fallback is enabled.


git-svn-id: file:///svn/unbound/trunk@4610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:15:06 +00:00
Wouter Wijngaards
c515215eea - Fix unbound-control over pipe with openssl 1.1.1, the TLSv1.3 
tls_choose_sigalg routine does not allow the ciphers for the pipe,
  so use TLSv1.2.


git-svn-id: file:///svn/unbound/trunk@4606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 13:43:05 +00:00
Wouter Wijngaards
0362614f94 auth zone, make depend, fallback, create and delete, and lease_time, 
and lock fixes.


git-svn-id: file:///svn/unbound/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 10:35:20 +00:00
Wouter Wijngaards
c54dfcade9 - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file 
for startup scripts to get the full pathname(s) of anchor file(s).


git-svn-id: file:///svn/unbound/trunk@4447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-23 14:20:17 +00:00
Wouter Wijngaards
bdb6a5501a - authzone work, probe timer setup. 
git-svn-id: file:///svn/unbound/trunk@4378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 09:03:36 +00:00
Wouter Wijngaards
b37bc47eaa - Work on local root zone code. 
git-svn-id: file:///svn/unbound/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 15:16:31 +00:00
Wouter Wijngaards
ee8f07a686 - Fix #1440: [dnscrypt] client nonce cache. 
git-svn-id: file:///svn/unbound/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 08:55:08 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00