upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-24 08:39:51 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
2796 commits 23 branches 209 tags 123 MiB
Commit graph

423 commits

Author SHA1 Message Date
Wouter Wijngaards
bcf5b23273 - Fix#501: forward-first does not recurse, when forward name is ".". 
git-svn-id: file:///svn/unbound/trunk@2907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-06-10 12:25:10 +00:00
Wouter Wijngaards
d88911eed5 - Fix queries leaking up for stubs and forwards, if the configured 
nameservers all fail to answer.


git-svn-id: file:///svn/unbound/trunk@2882 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-11 10:08:34 +00:00
Wouter Wijngaards
f9137645fb - Fix crash in previous private address fixup of 22 March. 
git-svn-id: file:///svn/unbound/trunk@2880 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-09 07:38:24 +00:00
Wouter Wijngaards
2ad6ee3c72 - Fix resolve of names that use a mix of public and private addresses. 
git-svn-id: file:///svn/unbound/trunk@2868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-03-22 09:36:33 +00:00
Wouter Wijngaards
556acaaf32 Fixup for compile on open and install paths of nss and nspr. 
git-svn-id: file:///svn/unbound/trunk@2842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 15:50:22 +00:00
Wouter Wijngaards
18d1cf41b5 fixup nss compile with file url. 
git-svn-id: file:///svn/unbound/trunk@2841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 15:04:07 +00:00
Wouter Wijngaards
60fa25264f fixup nss svn path. 
git-svn-id: file:///svn/unbound/trunk@2840 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 14:52:43 +00:00
Wouter Wijngaards
e1b0e38102 Fixup use of netcat. 
git-svn-id: file:///svn/unbound/trunk@2839 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 14:51:04 +00:00
Wouter Wijngaards
26f8395712 Compile test for libnss and libunbound compile mode, runs on check in. 
git-svn-id: file:///svn/unbound/trunk@2838 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 14:28:40 +00:00
Wouter Wijngaards
fefeb21cf0 - updated fwd_zero for newer nc. Updated common.sh for newer netstat. 
git-svn-id: file:///svn/unbound/trunk@2825 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-28 13:30:46 +00:00
Wouter Wijngaards
60f4c5a535 update test for new requirements. 
git-svn-id: file:///svn/unbound/trunk@2809 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-17 11:58:30 +00:00
Wouter Wijngaards
ad0ec1b45f fixup test and test name check. 
git-svn-id: file:///svn/unbound/trunk@2805 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-03 15:37:54 +00:00
Wouter Wijngaards
3b467728ec - Test that unbound can handle a CNAME at an intermediate node in 
the chain of trust (where it seeks a DS record).


git-svn-id: file:///svn/unbound/trunk@2803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-03 12:25:48 +00:00
Wouter Wijngaards
5d86f6932a - Test that unbound-control checks client credentials. 
git-svn-id: file:///svn/unbound/trunk@2802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-03 10:58:31 +00:00
Wouter Wijngaards
1c3c7294e6 - Tested that unbound implements the RFC5155 Technical Errata id 3441. 
Unbound already implements insecure classification of an empty
  nonterminal in NSEC3 optout zone.


git-svn-id: file:///svn/unbound/trunk@2800 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-02 14:42:20 +00:00
Matthijs Mekking
79ffc1ab81 Fix validation for responses with CNAME and wildcard expanded CNAME in 
ANSWER section.



git-svn-id: file:///svn/unbound/trunk@2777 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-10-29 14:06:00 +00:00
Wouter Wijngaards
07470115e5 - fix bogus nodata cname chain not reported as bogus by validator, 
(Thanks Peter van Dijk).


git-svn-id: file:///svn/unbound/trunk@2727 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-27 13:38:00 +00:00
Wouter Wijngaards
0f1aa80123 - Fix bug#452 and another assertion failure in mesh.c, makes 
assertions in mesh.c resist duplicates.  Fixes DS NS search to
  not generate duplicate sub queries.


git-svn-id: file:///svn/unbound/trunk@2718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-20 13:08:19 +00:00
Wouter Wijngaards
fa3337d42a - new approach to NS fetches for DS lookup that works with 
cornercases, and is more robust and considers forwarders.


git-svn-id: file:///svn/unbound/trunk@2646 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:01:01 +00:00
Wouter Wijngaards
0d5441bd8a - fix to locate nameservers for DS lookup with NS fetches. 
git-svn-id: file:///svn/unbound/trunk@2645 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-19 15:44:21 +00:00
Wouter Wijngaards
1736d8078a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: file:///svn/unbound/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
Wouter Wijngaards
773d8e3b84 Fix prefetch and stickyness. 
git-svn-id: file:///svn/unbound/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
Wouter Wijngaards
03a7425ead - Fix sticky NS (ghost domain problem) if prefetch is yes. 
git-svn-id: file:///svn/unbound/trunk@2619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-14 11:06:44 +00:00
Wouter Wijngaards
db33e4dbf6 fix unit test to be more reliable on slower systems. 
git-svn-id: file:///svn/unbound/trunk@2615 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 14:09:39 +00:00
Wouter Wijngaards
05aaa8a138 - unit test fix for nomem_cnametopos.rpl race condition. 
git-svn-id: file:///svn/unbound/trunk@2614 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:54:27 +00:00
Wouter Wijngaards
09b9ea04a3 - Fix timeouts to keep track of query type, A, AAAA and other, if 
another has caused timeout blacklist, different type can still probe.


git-svn-id: file:///svn/unbound/trunk@2613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:17:25 +00:00
Wouter Wijngaards
924789d877 - implement draft-ietf-dnsext-ecdsa-04; which is in IETF LC; This 
implementation is experimental at this time and not recommended
  for use on the public internet (the protocol numbers have not
  been assigned).  Needs recent ldns with --enable-ecdsa.
- fix memory leak in errorcase for DSA signatures.


git-svn-id: file:///svn/unbound/trunk@2606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-08 13:22:44 +00:00
Wouter Wijngaards
dff630c788 - Fix validation failures (like: validation failure xx: no NSEC3 
closest encloser from yy for DS zz. while building chain of trust,
         because of a bug in the TTL-fix in 1.4.15, it picked the wrong rdata
         for an NSEC3.  Now it does not change rdata, and fixes TTL.


git-svn-id: file:///svn/unbound/trunk@2599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-01 11:18:07 +00:00
Wouter Wijngaards
6dd2c0467e - Fix bug #425: unbound reports wrong TTL in reply, it reports a TTL 
that would be permissible by the RFCs but it is not the TTL in the
  cache.


git-svn-id: file:///svn/unbound/trunk@2581 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 09:42:32 +00:00
Wouter Wijngaards
65ad15da56 - Fix parse error on negative SOA RRSIGs if badly ordered in the packet. 
git-svn-id: file:///svn/unbound/trunk@2573 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-15 13:37:13 +00:00
Wouter Wijngaards
2824d0ad52 fix exit code of remote-threaded.post. 
git-svn-id: file:///svn/unbound/trunk@2552 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-11 14:33:39 +00:00
Wouter Wijngaards
cf1d2135e1 unit test for SSL upstream. 
git-svn-id: file:///svn/unbound/trunk@2543 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-09 13:20:30 +00:00
Wouter Wijngaards
11f5e16932 infra cache consolidated and stores per zone, IP. 
git-svn-id: file:///svn/unbound/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
Wouter Wijngaards
17e5bba504 Fix validation of qtype ANY responses with CNAMEs (thanks Cathy Zhang and Luo Ce). 
git-svn-id: file:///svn/unbound/trunk@2477 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 12:02:50 +00:00
Wouter Wijngaards
7359d84e2f - Fix wildcard expansion no-data reply under an optout NSEC3 zone is 
validated as insecure, reported by Jia Li (lijia@cnnic.cn).


git-svn-id: file:///svn/unbound/trunk@2461 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-07-11 09:03:18 +00:00
Wouter Wijngaards
784d659e91 - Fix TTL of SOA so negative TTL is separately cached from normal TTL. 
git-svn-id: file:///svn/unbound/trunk@2416 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-05-10 12:34:47 +00:00
Wouter Wijngaards
efb9c02d54 - iana portlist updated. 
- queries with CD flag set cause DNSSEC validation, but the answer is
  not withheld if it is bogus.  Thus, unbound will retry if it is bad
  and curb the TTL if it is bad, thus protecting the cache for use by
  downstream validators.


git-svn-id: file:///svn/unbound/trunk@2409 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-04-08 13:58:41 +00:00
Wouter Wijngaards
04fa474ac3 fix test 
git-svn-id: file:///svn/unbound/trunk@2408 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-29 10:38:59 +00:00
Wouter Wijngaards
b4a089ff0d - Fix no ADflag for NXDOMAIN in NSEC3 optout. And wildcard in optout. 
git-svn-id: file:///svn/unbound/trunk@2397 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-01 12:48:45 +00:00
Wouter Wijngaards
c2299a3c5f version 3 for common.sh 
git-svn-id: file:///svn/unbound/trunk@2395 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-23 15:17:49 +00:00
Wouter Wijngaards
d8928e1b19 common.sh to version 2. 
git-svn-id: file:///svn/unbound/trunk@2392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-18 16:11:21 +00:00
Wouter Wijngaards
1550bc65f3 use common functionality file. 
git-svn-id: file:///svn/unbound/trunk@2390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-11 12:30:42 +00:00
Wouter Wijngaards
87296966ae - Added regression test for addition of a .net DS to the root, and 
cache effects with different TTL for glue and DNSKEY.


git-svn-id: file:///svn/unbound/trunk@2387 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-07 12:07:46 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
790cb51775 - Fix prefetch so it does not get stuck on old server for moved names. 
git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-13 10:13:01 +00:00
Wouter Wijngaards
4a746142cf - Fix insecure CNAME sequence marked as secure, reported by Bert Hubert. 
git-svn-id: file:///svn/unbound/trunk@2369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-11 12:32:29 +00:00
Wouter Wijngaards
003658eea0 test and cleanup. 
git-svn-id: file:///svn/unbound/trunk@2360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-22 09:41:38 +00:00
Wouter Wijngaards
c4c8a65ff2 - fix validation in this case: CNAME to nodata for co-hosted opt-in 
NSEC3 insecure delegation, was bogus, fixed to be insecure.


git-svn-id: file:///svn/unbound/trunk@2355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-17 10:05:56 +00:00
Wouter Wijngaards
dd8e44ac37 - feature typetransparent localzone, does not block other RR types. 
git-svn-id: file:///svn/unbound/trunk@2350 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-02 12:39:33 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00