upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-06 06:49:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
3192 commits 23 branches 209 tags 124 MiB
Commit graph

107 commits

Author SHA1 Message Date
Wouter Wijngaards
49250ef291 - Fix #644: harden-algo-downgrade option, if turned off, fixes the 
reported excessive validation failure when multiple algorithms
  are present.  It allows the weakest algorithm to validate the zone.


git-svn-id: file:///svn/unbound/trunk@3354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-09 13:30:37 +00:00
Wouter Wijngaards
3ef33154e5 - infra-cache-min-rtt patch from Florian Riehm, for expected long 
uplink roundtrip times.


git-svn-id: file:///svn/unbound/trunk@3328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-02 08:46:22 +00:00
Wouter Wijngaards
df73be98bd - patch for remote control over local sockets, from Dag-Erling 
Smorgrav, Ilya Bakulin.  Use control-interface: /path/sock and
  control-use-cert: no.


git-svn-id: file:///svn/unbound/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:12:59 +00:00
Wouter Wijngaards
8ccba42b1f - dnstap support, with a patch from Farsight Security, written by 
Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
  It is BSD licensed (see dnstap/dnstap.c).
  Building with --enable-dnstap needs pkg-config with this patch.
- Noted dnstap in doc/README and doc/CREDITS.


git-svn-id: file:///svn/unbound/trunk@3206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-05 07:57:52 +00:00
Wouter Wijngaards
04bacd679b - Changes from DNS64: 
strcpy changed to memmove.
  arraybound check fixed from prefix_net/8/4 to prefix_net/8+4.
  allocation of result consistently in the correct region.
  time_t is now used for ttl in unbound (since the patch's version).


git-svn-id: file:///svn/unbound/trunk@3199 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-07-31 08:00:38 +00:00
Wouter Wijngaards
45022b6add - DNS64 from Viagenie (BSD Licensed), written by Simon Perrault. 
Initial commit of the patch from the FreeBSD base (with its fixes).
  This adds a module (for module-config in unbound.conf) dns64 that
  performs DNS64 processing, see README.DNS64.


git-svn-id: file:///svn/unbound/trunk@3198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-07-31 07:15:33 +00:00
Wouter Wijngaards
bdc57e5be5 - Feature, unblock-lan-zones: yesno that you can use to make unbound 
perform 10.0.0.0/8 and other reverse lookups normally, for use if
  unbound is running service for localhost on localhost.


git-svn-id: file:///svn/unbound/trunk@3133 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-05-20 10:38:32 +00:00
Wouter Wijngaards
d8e5a83392 - delay-close: msec option that delays closing ports for which 
the UDP reply has timed out.  Keeps the port open, only accepts
  the correct reply.  This correct reply is not used, but the port
  is open so that no port-denied ICMPs are generated.


git-svn-id: file:///svn/unbound/trunk@3058 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-28 14:35:55 +00:00
Wouter Wijngaards
60511959ab - so-reuseport: yesno option to distribute queries evenly over 
threads on Linux (Thanks Robert Edmonds).


git-svn-id: file:///svn/unbound/trunk@3049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-24 11:43:38 +00:00
Wouter Wijngaards
e704e27be6 interface: and ip-address: 
also includes for newer ldns in pythonmod. 


git-svn-id: file:///svn/unbound/trunk@3014 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-06 02:48:59 +00:00
Wouter Wijngaards
de07375a9c review fixes. 
git-svn-id: file:///svn/unbound/trunk@2940 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 14:14:08 +00:00
Wouter Wijngaards
b2274bedd9 - max include of 100.000 files (depth and globbed at one time). 
This is to preserve system memory in bug cases, or endless cases.


git-svn-id: file:///svn/unbound/trunk@2928 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-07-26 13:11:53 +00:00
Wouter Wijngaards
f7bf35b23a - Max include depth is unlimited. 
git-svn-id: file:///svn/unbound/trunk@2909 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-06-10 13:37:14 +00:00
Wouter Wijngaards
ff1dbe4fcc - Implement max-udp-size config option, default 4096 (thanks 
Daisuke Higashi).


git-svn-id: file:///svn/unbound/trunk@2893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-25 11:55:46 +00:00
Wouter Wijngaards
2be3e34658 - Fix so that for a configuration line of include: "*.conf" it is not 
an error if there are no files matching the glob pattern.


git-svn-id: file:///svn/unbound/trunk@2883 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-15 07:57:08 +00:00
Wouter Wijngaards
9c4bbfd37d - include: directive in config file accepts wildcards. Patch from 
Paul Wouters.  Suggested use: include: "/etc/unbound.d/conf.d/*"


git-svn-id: file:///svn/unbound/trunk@2765 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-09-27 08:52:37 +00:00
Wouter Wijngaards
cf147df593 - Applied patch from Daisuke HIGASHI for rrset-roundrobin and 
minimal-responses features.


git-svn-id: file:///svn/unbound/trunk@2658 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-04-10 09:16:39 +00:00
Wouter Wijngaards
1736d8078a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: file:///svn/unbound/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
Wouter Wijngaards
8f5596f643 ssl_port setting, so that the dnssec-trigger server can be on one host machine. 
git-svn-id: file:///svn/unbound/trunk@2539 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-08 10:56:42 +00:00
Wouter Wijngaards
aa0536dcb5 - dns over ssl support, ssl-service-pem and ssl-service-key files 
can be given and then TCP queries are serviced wrapped in SSL.


git-svn-id: file:///svn/unbound/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-31 14:48:48 +00:00
Wouter Wijngaards
05e118b7d5 tcp upstream option. 
git-svn-id: file:///svn/unbound/trunk@2480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 13:58:40 +00:00
Wouter Wijngaards
8def9c1043 - log-queries: yesno option, default is no, prints querylog. 
git-svn-id: file:///svn/unbound/trunk@2429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-16 13:15:57 +00:00
Wouter Wijngaards
ca38a8bd55 - feature, ignore-cd-flag: yesno to provide dnssec to legacy servers. 
git-svn-id: file:///svn/unbound/trunk@2414 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-05-10 11:20:14 +00:00
Wouter Wijngaards
78cc3d8ae1 harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
Wouter Wijngaards
8c5b3d3c8f - so-sndbuf option for very busy servers, a bit like so-rcvbuf. 
git-svn-id: file:///svn/unbound/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 14:30:34 +00:00
Wouter Wijngaards
271445fa4d - Fix bug#308: spelling error in variable name in parser and lexer. 
git-svn-id: file:///svn/unbound/trunk@2110 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-06 05:23:49 +00:00
Wouter Wijngaards
12c9c68dce no double include in lexer 
git-svn-id: file:///svn/unbound/trunk@2095 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-26 08:53:53 +00:00
Wouter Wijngaards
bcd1ac7599 prefetch-key feature. 
git-svn-id: file:///svn/unbound/trunk@1956 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-13 13:33:18 +00:00
Wouter Wijngaards
43d228c5bc Doc fix and work on prefetch feature. 
git-svn-id: file:///svn/unbound/trunk@1951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-07 14:38:18 +00:00
Wouter Wijngaards
c253c24202 Fix bug #284. 
git-svn-id: file:///svn/unbound/trunk@1923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-30 13:07:39 +00:00
Wouter Wijngaards
5b66f07e38 edns-buffer-size option. 
git-svn-id: file:///svn/unbound/trunk@1881 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-29 10:37:44 +00:00
Wouter Wijngaards
d59a8baec2 so-rcvbuf option. 
git-svn-id: file:///svn/unbound/trunk@1851 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-25 08:54:50 +00:00
Wouter Wijngaards
7d90b75ce8 autotrust options 
git-svn-id: file:///svn/unbound/trunk@1776 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-25 08:46:33 +00:00
Wouter Wijngaards
3251765048 autotrust work 
git-svn-id: file:///svn/unbound/trunk@1758 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-12 15:26:47 +00:00
Wouter Wijngaards
72aa0bad92 Log option for bogus only. 
git-svn-id: file:///svn/unbound/trunk@1734 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-07-20 14:22:29 +00:00
Wouter Wijngaards
d1a27b6d34 python include and configlexer fwrite warning. 
git-svn-id: file:///svn/unbound/trunk@1608 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-17 12:14:43 +00:00
Wouter Wijngaards
768c4b2643 min-ttl option and tests for min-ttl and max-ttl. 
git-svn-id: file:///svn/unbound/trunk@1598 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-14 10:10:11 +00:00
Wouter Wijngaards
4ad2eb2549 detect gost. 
git-svn-id: file:///svn/unbound/trunk@1595 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-09 15:23:14 +00:00
Wouter Wijngaards
1e1ac9900a signature clock skew code. 
git-svn-id: file:///svn/unbound/trunk@1590 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-06 14:09:33 +00:00
Wouter Wijngaards
0799d77798 python contribution from Zdenek Vasicek and Marek Vavrusa (BSD licensed). 
git-svn-id: file:///svn/unbound/trunk@1556 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-25 14:47:47 +00:00
Wouter Wijngaards
97a73402fc inverse trust anchor. 
git-svn-id: file:///svn/unbound/trunk@1533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-18 14:02:46 +00:00
Wouter Wijngaards
7a2c1c8d47 new configure and lexer fix. 
git-svn-id: file:///svn/unbound/trunk@1500 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-27 09:38:11 +00:00
Wouter Wijngaards
63d3cb7ff4 log-time-ascii option 
git-svn-id: file:///svn/unbound/trunk@1465 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-06 12:51:45 +00:00
Wouter Wijngaards
cb925371ef fixup lexer. 
git-svn-id: file:///svn/unbound/trunk@1462 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-06 10:45:40 +00:00
Wouter Wijngaards
2b873f1b57 - config parser changed. Gives some syntax errors closer to where they 
occurred. Does not enforce a space after keyword anymore.
  Does not allow literal newlines inside quoted strings anymore.



git-svn-id: file:///svn/unbound/trunk@1460 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-06 10:19:16 +00:00
Wouter Wijngaards
2705aaaad9 Nicer error for typo in include directive. 
git-svn-id: file:///svn/unbound/trunk@1459 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-06 08:53:00 +00:00
Wouter Wijngaards
c1ae463da5 chrooted include file fix 
git-svn-id: file:///svn/unbound/trunk@1411 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-06 15:47:15 +00:00
Wouter Wijngaards
6cebdd2baf unwanted reply threshold like in the draft. 
git-svn-id: file:///svn/unbound/trunk@1321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-22 14:36:46 +00:00
Wouter Wijngaards
83a017d3d1 stub-prime option. 
git-svn-id: file:///svn/unbound/trunk@1319 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-22 12:01:40 +00:00
Wouter Wijngaards
351ef6e252 Option for DOS protection on slower links. 
git-svn-id: file:///svn/unbound/trunk@1282 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-06 09:28:50 +00:00