upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-25 00:59:37 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
2682 commits 23 branches 209 tags 123 MiB
Commit graph

372 commits

Author SHA1 Message Date
Wouter Wijngaards
83f5814a07 - Fallback to 1472 and 1232, one fragment size without headers. 
git-svn-id: file:///svn/unbound/trunk@2746 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-22 08:46:30 +00:00
Wouter Wijngaards
940f6d98de - Fix timeouts so that when a server has been offline for a while 
and is probed to see it works, it becomes fully available for
  server selection again.


git-svn-id: file:///svn/unbound/trunk@2745 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-21 07:17:48 +00:00
Wouter Wijngaards
9046a52364 - Fix that enables modules to register twice for the same 
serviced_query, without race conditions or administration issues.
  This should not happen with the current codebase, but it is robust.


git-svn-id: file:///svn/unbound/trunk@2730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-31 11:33:06 +00:00
Wouter Wijngaards
0f1aa80123 - Fix bug#452 and another assertion failure in mesh.c, makes 
assertions in mesh.c resist duplicates.  Fixes DS NS search to
  not generate duplicate sub queries.


git-svn-id: file:///svn/unbound/trunk@2718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-20 13:08:19 +00:00
Wouter Wijngaards
42e23da129 Fix compilation without SSL. 
git-svn-id: file:///svn/unbound/trunk@2698 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-22 09:11:41 +00:00
Wouter Wijngaards
15aacbe89b code review. 
git-svn-id: file:///svn/unbound/trunk@2688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-18 14:22:29 +00:00
Wouter Wijngaards
c42a74b77c - bug #452: fix crash on assert in mesh_state_attachment. 
git-svn-id: file:///svn/unbound/trunk@2683 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-11 12:04:58 +00:00
Wouter Wijngaards
13a839d624 - Fix for accept spinning reported by OpenBSD. 
git-svn-id: file:///svn/unbound/trunk@2663 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-08 12:08:55 +00:00
Wouter Wijngaards
9429092966 - Fix to squelch 'network unreachable' errors from tcp connect in 
logs, high verbosity will show them.


git-svn-id: file:///svn/unbound/trunk@2634 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-23 09:01:46 +00:00
Wouter Wijngaards
773d8e3b84 Fix prefetch and stickyness. 
git-svn-id: file:///svn/unbound/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
Wouter Wijngaards
682ff957ed lint and doxygen fixes. 
git-svn-id: file:///svn/unbound/trunk@2631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 10:08:07 +00:00
Wouter Wijngaards
03a7425ead - Fix sticky NS (ghost domain problem) if prefetch is yes. 
git-svn-id: file:///svn/unbound/trunk@2619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-14 11:06:44 +00:00
Wouter Wijngaards
850525139b debug infra lines for infa timeout counters. 
git-svn-id: file:///svn/unbound/trunk@2616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 14:48:09 +00:00
Wouter Wijngaards
09b9ea04a3 - Fix timeouts to keep track of query type, A, AAAA and other, if 
another has caused timeout blacklist, different type can still probe.


git-svn-id: file:///svn/unbound/trunk@2613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:17:25 +00:00
Wouter Wijngaards
14059dca14 - Slightly smaller critical region in one case in infra cache. 
git-svn-id: file:///svn/unbound/trunk@2611 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 09:21:06 +00:00
Wouter Wijngaards
dff630c788 - Fix validation failures (like: validation failure xx: no NSEC3 
closest encloser from yy for DS zz. while building chain of trust,
         because of a bug in the TTL-fix in 1.4.15, it picked the wrong rdata
         for an NSEC3.  Now it does not change rdata, and fixes TTL.


git-svn-id: file:///svn/unbound/trunk@2599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-01 11:18:07 +00:00
Wouter Wijngaards
589924e36c - uninitialised variable in reprobe for rtt blocked domains fixed. 
- lintfix and new flex output.


git-svn-id: file:///svn/unbound/trunk@2583 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 15:07:16 +00:00
Wouter Wijngaards
6dd2c0467e - Fix bug #425: unbound reports wrong TTL in reply, it reports a TTL 
that would be permissible by the RFCs but it is not the TTL in the
  cache.


git-svn-id: file:///svn/unbound/trunk@2581 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 09:42:32 +00:00
Wouter Wijngaards
1238b7979f - Fix for memory leak (about 20 bytes when a tcp or udp send 
operation towards authority servers failed, takes about 50.000
such failures to leak one Mb, such failures are also
usually logged), reported by Robert Fleischmann.



git-svn-id: file:///svn/unbound/trunk@2578 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-24 11:27:53 +00:00
Wouter Wijngaards
8e62925ffb fix infra cache comparison. 
git-svn-id: file:///svn/unbound/trunk@2570 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-13 12:14:40 +00:00
Wouter Wijngaards
35172e89f4 - Fix for tcp-upstream and ssl-upstream for if a laptop sleeps, 
causes SERVFAILs.  Also fixed for UDP (but less likely).


git-svn-id: file:///svn/unbound/trunk@2559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-30 13:39:11 +00:00
Wouter Wijngaards
a1c76554a2 - Makefile changed for BSD make compatibility. 
git-svn-id: file:///svn/unbound/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
Wouter Wijngaards
8f5596f643 ssl_port setting, so that the dnssec-trigger server can be on one host machine. 
git-svn-id: file:///svn/unbound/trunk@2539 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-08 10:56:42 +00:00
Wouter Wijngaards
9a0b040403 fix tests, the ssl upstream setting is per-query (inside outside_network.c). 
git-svn-id: file:///svn/unbound/trunk@2535 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-01 10:18:56 +00:00
Wouter Wijngaards
115c36a94e support for ssl-upstream (works from unbound-control). 
git-svn-id: file:///svn/unbound/trunk@2532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-01 09:26:58 +00:00
Wouter Wijngaards
aa0536dcb5 - dns over ssl support, ssl-service-pem and ssl-service-key files 
can be given and then TCP queries are serviced wrapped in SSL.


git-svn-id: file:///svn/unbound/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-31 14:48:48 +00:00
Wouter Wijngaards
11f5e16932 infra cache consolidated and stores per zone, IP. 
git-svn-id: file:///svn/unbound/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
Wouter Wijngaards
0f825eb283 - Fix make_new_space function so that the incoming query is not 
overwritten if a jostled out query causes a waiting query to be
  resumed that then fails and sends an error message.  (Thanks to
  Matthew Lee).


git-svn-id: file:///svn/unbound/trunk@2523 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-24 13:49:59 +00:00
Wouter Wijngaards
684429e6c8 - better documentation for inform_super (Thanks Yang Zhe). 
git-svn-id: file:///svn/unbound/trunk@2512 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-17 13:11:58 +00:00
Wouter Wijngaards
68d82e9ce4 - TCP-upstream calculates tcp-ping so server selection works if there 
are alternatives.


git-svn-id: file:///svn/unbound/trunk@2502 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-23 12:56:28 +00:00
Wouter Wijngaards
f82a0847eb - max sent count. EDNS1480 only for rtt < 5000. No promiscuous 
fetch if sentcount > 3, stop query if sentcount > 16.  Count is
reset when referral or CNAME happens.  This makes unbound better
at managing large NS sets, they are explored when there is continued
interest (in the form of queries).


git-svn-id: file:///svn/unbound/trunk@2499 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:11:12 +00:00
Wouter Wijngaards
c3f5b5f773 fixup compilation. 
git-svn-id: file:///svn/unbound/trunk@2498 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 12:43:07 +00:00
Wouter Wijngaards
b72d40f3dd - fix various compiler warnings (reported by Paul Wouters). 
git-svn-id: file:///svn/unbound/trunk@2497 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 11:35:01 +00:00
Wouter Wijngaards
c4cac78f10 fix EDNS1480. 
git-svn-id: file:///svn/unbound/trunk@2496 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 10:04:08 +00:00
Wouter Wijngaards
365f87a4a4 fix memleak and add edns section when 1480 probe. 
git-svn-id: file:///svn/unbound/trunk@2493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-15 15:35:04 +00:00
Wouter Wijngaards
1af30c02fc After UDP timeout EDNS1480 probe, stop fragmentation caused trouble. 
git-svn-id: file:///svn/unbound/trunk@2492 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-15 14:32:17 +00:00
Wouter Wijngaards
af93d6033c revert earlier commit. 
git-svn-id: file:///svn/unbound/trunk@2488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-12 11:28:14 +00:00
Wouter Wijngaards
d56aef7b33 - Fix validation failures due to EDNS backoff retries, the retry 
for fetch of data has want_dnssec because the iter_indicate_dnssec
         function returns true when validation failure retry happens, and
         then the serviced query code does not fallback to noEDNS, even if
         the cache says it has this.  This helps for DLV deployment when
         the DNSSEC status is not known for sure before the lookup concludes.


git-svn-id: file:///svn/unbound/trunk@2483 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-26 09:00:43 +00:00
Wouter Wijngaards
05e118b7d5 tcp upstream option. 
git-svn-id: file:///svn/unbound/trunk@2480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 13:58:40 +00:00
Wouter Wijngaards
3d2156dacc - Unbound implements RFC6303 (since version 1.4.7). 
git-svn-id: file:///svn/unbound/trunk@2463 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-07-14 08:17:11 +00:00
Wouter Wijngaards
59f5480df1 - fix replyaddr count wrong after jostled queries, which leads to 
eventual starvation where the daemon has no replyaddrs left to use.


git-svn-id: file:///svn/unbound/trunk@2445 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-30 11:01:44 +00:00
Wouter Wijngaards
ca38a8bd55 - feature, ignore-cd-flag: yesno to provide dnssec to legacy servers. 
git-svn-id: file:///svn/unbound/trunk@2414 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-05-10 11:20:14 +00:00
Wouter Wijngaards
efb9c02d54 - iana portlist updated. 
- queries with CD flag set cause DNSSEC validation, but the answer is
  not withheld if it is bogus.  Thus, unbound will retry if it is bad
  and curb the TTL if it is bad, thus protecting the cache for use by
  downstream validators.


git-svn-id: file:///svn/unbound/trunk@2409 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-04-08 13:58:41 +00:00
Wouter Wijngaards
3c87eb6c49 - harden-below-nxdomain: changed so that it activates when the 
cached nxdomain is dnssec secure.  This avoids backwards
         incompatibility because those old servers do not have dnssec.


git-svn-id: file:///svn/unbound/trunk@2407 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-29 09:47:54 +00:00
Matthijs Mekking
797ef20155 nicely outlined 
git-svn-id: file:///svn/unbound/trunk@2378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-17 13:59:07 +00:00
Wouter Wijngaards
5feb72d1eb fix 
git-svn-id: file:///svn/unbound/trunk@2376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:58:05 +00:00
Wouter Wijngaards
22ac684cd9 and store bogus ttl (this is not picked out of the cache to send to, so saves work and avoids this target) 
git-svn-id: file:///svn/unbound/trunk@2375 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:51:11 +00:00
Wouter Wijngaards
e2dc829258 store if ttl expired 
git-svn-id: file:///svn/unbound/trunk@2374 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:23:51 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
0bc54677db - Fix in infra cache that could cause rto larger than TOP_TIMEOUT kept. 
git-svn-id: file:///svn/unbound/trunk@2361 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-23 10:49:47 +00:00