upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-17 09:38:03 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
7793 commits 27 branches 209 tags 137 MiB
Commit graph

5101 commits

Author SHA1 Message Date
W.C.A. Wijngaards
30da725e67 - Fix to have empty definition when not supported for weak attribute. 2024-07-23 10:02:39 +02:00
W.C.A. Wijngaards
8de5ae3552 - Fix compile when the compiler does not support the noreturn 
attribute.
 2024-07-23 09:55:31 +02:00
W.C.A. Wijngaards
5bea29b01c - For #1110: Test for fallthrough attribute in configure and add 
fallthrough attribute annotations.
 2024-07-23 09:47:42 +02:00
Yorgos Thessalonikefs
3512eaec48 - Fix #1106: ratelimit-below-domain logs the wrong FROM address. 2024-07-23 09:07:06 +02:00
W.C.A. Wijngaards
3af4e44646 - Fix dnstap wakeup, a running wakeup timer is left to expire and not 
increased, a timer is started when the dtio thread is sleeping,
  the timer set disabled when the dtio thread goes to sleep, and
  after sleep the thread checks to see if there are messages to log
  immediately.
 2024-07-19 16:16:02 +02:00
W.C.A. Wijngaards
c3dd6a2dbd - Add dnstap-sample-rate that logs only 1/N messages, for high volume 
server environments. Thanks Dan Luther.
 2024-07-19 10:04:40 +02:00
W.C.A. Wijngaards
8fca3e7c5b - For #1103: Fix to drop mesh state reference for the http2 stream 
associated with the reply, not the currently active stream. And
  it does not remove it twice on a mesh_send_reply call. The reply
  h2_stream is NULL when not in use, for more initialisation.
 2024-07-16 14:23:10 +02:00
W.C.A. Wijngaards
8947c2c764 - For #1103: fix to also drop mesh state reference when the discard 
limit is reached, when there is an error making a new recursion
  state and when the connection is dropped with is_drop.
 2024-07-15 14:51:20 +02:00
W.C.A. Wijngaards
b1e3319a11 Merge branch 'master' of github.com:NLnetLabs/unbound 2024-07-12 16:41:58 +02:00
W.C.A. Wijngaards
d52f501d90 - For #1103: fix to also drop mesh state reference when a h2 reply is 
dropped.
 2024-07-12 16:41:46 +02:00
Yorgos Thessalonikefs
7083d58c6b - For #1102: clearer text for using interface-* options for the 
loopback interface.
 2024-07-12 16:29:44 +02:00
W.C.A. Wijngaards
3adb9c8f92 - Fix #1103: unbound 1.20.0 segmentation fault with nghttp2. 2024-07-12 16:11:29 +02:00
Yorgos Thessalonikefs
51425b2388 - Add RPZ tag tests in acl_interface.tdir. 2024-07-12 15:38:12 +02:00
W.C.A. Wijngaards
d43760a8cd - For #773: In contrib/unbound.service.in set unbound to start after 
network-online.target. Also for contrib/unbound_portable.service.in.
 2024-07-10 14:05:43 +02:00
Yorgos Thessalonikefs
ea3e327006 - Update list of known EDE codes. 2024-07-09 15:58:30 +02:00
W.C.A. Wijngaards
be09350eca - Fix shadowed error string variable in validator dnskey handling. 2024-07-08 16:50:16 +02:00
W.C.A. Wijngaards
169acfc546 - Fixup algo_needs_reason string buffer length. 2024-07-08 15:38:27 +02:00
W.C.A. Wijngaards
bed7cc2a90 - Fix that validation reason failure that uses string print uses 
separate buffer that is passed, from the scratch validation buffer.
 2024-07-08 15:29:20 +02:00
Yorgos Thessalonikefs
02f4446833 - Don't check for message TTL changes if the RRsets remain the same. 2024-07-05 19:58:19 +02:00
W.C.A. Wijngaards
c8a2289542 - Fix for #1099: Fix to check for deleted RRset when the contents 
is updated and fetched after it is stored, and also check for a
  changed RRset.
 2024-07-05 17:54:46 +02:00
W.C.A. Wijngaards
b53d90053e - Fix #1099: Unbound core dump on SIGSEGV. 2024-07-05 17:18:01 +02:00
W.C.A. Wijngaards
978b0696d3 - Fix neater printout. 2024-07-05 14:11:26 +02:00
W.C.A. Wijngaards
ec5f86b4eb - Fix for neater printout for error for missing DS response. 2024-07-05 08:49:52 +02:00
W.C.A. Wijngaards
ec2f45c6fd - Fix to print details about the failure to lookup a DNSKEY record 
when validation fails due to the missing DNSKEY. Also for key prime
  and DS lookups.
 2024-07-04 14:51:18 +02:00
W.C.A. Wijngaards
6b319c97ee - Fix compile warnings in fptr_wlist.c. 2024-07-03 16:42:52 +02:00
W.C.A. Wijngaards
6eb3992c9e - Fix to remove unneeded linebreak in fptr_wlist.c. 2024-07-03 15:51:22 +02:00
W.C.A. Wijngaards
94a94fd8c8 - Fix to use modstack_init in zonemd unit test. 2024-07-03 15:49:13 +02:00
W.C.A. Wijngaards
36f9d1a2a9 - Add unit test skip files and bison and flex output to gitignore. 2024-07-03 14:59:39 +02:00
W.C.A. Wijngaards
d3a2264272 Changelog entry for #144 and #1098 
- Fix #144: Port ipset to BSD pf tables.
 2024-07-03 14:53:42 +02:00
Yorgos Thessalonikefs
96f8a94c19 - Fix for repeated use of a DNAME record: first overallocate and then 
move the exact size of the init value to avoid false positive heap
  overflow reads from address sanitizers.
 2024-07-03 10:08:44 +02:00
W.C.A. Wijngaards
2fe4e2ec3e - Fix compile warning in worker pthread id printout. 2024-07-02 09:44:58 +02:00
W.C.A. Wijngaards
e54928a628 - Fix unused variable warning in do_cache_remove. 2024-07-02 09:33:22 +02:00
W.C.A. Wijngaards
538434186e - Fix to remove unused include from the readzone test program. 2024-07-02 09:31:34 +02:00
W.C.A. Wijngaards
7fbc061846 - Fix ip-ratelimit-cookie setting, it was not applied. 2024-06-27 14:51:58 +02:00
Yorgos Thessalonikefs
70f73a33b3 - Explicitly set the RD bit for the mesh query flags when prefetching. 
These queries have no waiting client but they need to be treated as
  recursive.
 2024-06-26 15:51:58 +02:00
Yorgos Thessalonikefs
b67fbb69e7 - Fix pkg-config availability check in dnstap/dnstap.m4 and 
systemd.m4.
- autoconf.
 2024-06-21 14:34:12 +02:00
Yorgos Thessalonikefs
902c79608c - Fix #1092: Ubuntu 22.04 Jammy fails to compile unbound 1.20.0; by 
adding helpful text for the Python interpreter version and allowing
  the default pkg-config unavailability error message to be shown.
- autoconf.
 2024-06-19 15:27:50 +02:00
W.C.A. Wijngaards
08050dc939 - Fix #1091: Build fails with OpenSSL >= 3.0 built with 
OPENSSL_NO_DEPRECATED.
 2024-06-17 12:28:45 +02:00
W.C.A. Wijngaards
9603924bb4 - Add unit test for validation of repeated use of a DNAME record. 2024-06-07 11:56:19 +02:00
W.C.A. Wijngaards
4c2da2b979 - Fix validation for repeated use of a DNAME record. 2024-06-06 15:28:21 +02:00
W.C.A. Wijngaards
1974732d19 - Fix typos for 'the the' in text. 2024-06-06 09:35:57 +02:00
W.C.A. Wijngaards
3cad5818a1 - Fix memory leak in setup of dsa sig. 2024-06-06 09:30:09 +02:00
Yorgos Thessalonikefs
ad12109191 - Merge #1080: AddressSanitizer detection in tdir tests and memory leak 
fixes.
 2024-06-04 17:34:58 +02:00
W.C.A. Wijngaards
86fe9cbce5 - Fix to squelch connection reset by peer errors from log. And fix 
that the tcp read errors are labeled as initial for the first calls.
 2024-06-03 12:14:51 +02:00
W.C.A. Wijngaards
4b30e88eec - Fix for #1079: fix RPZ taglist in iterator callback that no client 
info is like no taglist intersection.
 2024-05-30 12:44:26 +02:00
W.C.A. Wijngaards
b6c7ea563f - Fix #1079: tags from tagged rpz zones are no longer honored after 
upgrade from 1.19.3 to 1.20.0.
 2024-05-30 12:11:30 +02:00
W.C.A. Wijngaards
910d7cf446 Changelog note for #1078. 
- Merge #1078: Only check old pid if no username.
 2024-05-29 14:45:01 +02:00
Yorgos Thessalonikefs
5fc4673901 - Update patch to remove 'command' shell builtin and update error 
text.
 2024-05-27 17:17:48 +02:00
Yorgos Thessalonikefs
f5a2160ba3 - Fix unused variable warning on compilation with no thread support. 2024-05-27 14:56:52 +02:00
W.C.A. Wijngaards
0c0c36f015 - Fix spelling of tcp-idle-timeout docs, from Michael Tokarev. 2024-05-27 14:36:35 +02:00
W.C.A. Wijngaards
47956de897 - Fix to enable that SERVFAIL is cached, for a short period, for more 
cases. In the cases where limits are exceeded.
 2024-05-27 13:53:16 +02:00
Yorgos Thessalonikefs
b30c869a59 Changelog entry for #1059: 
- Fix #1059: Intermittent DNS blocking failure with local-zone and
  always_nxdomain. Addition of local_zones dynamically via
  unbound-control was not finding the zone's parent correctly.
 2024-05-24 15:24:52 +02:00
W.C.A. Wijngaards
7107d3c9e7 - Fix #1064: Unbound 1.20 Cachedb broken? 
Add unit test for validation status commit.
 2024-05-24 09:06:48 +02:00
W.C.A. Wijngaards
fbdc06ebc4 - Fix for #1064: Fix that cachedb expired messages are considered 
insecure, and thus can be served to clients when dnssec is enabled.
 2024-05-21 17:06:18 +02:00
W.C.A. Wijngaards
d149e755fd - Fix for parse end of forward-zone, stub-zone and view. 2024-05-21 12:04:57 +02:00
W.C.A. Wijngaards
86ee8ccd12 - Fix to print a parse error when config is read with no name for 
a forward-zone, stub-zone or view.
 2024-05-21 11:54:18 +02:00
W.C.A. Wijngaards
8d6a1ba811 Changelog note for #1073. 
- Merge #1073: fix null pointer dereference issue in function
  ub_ctx_set_fwd.
 2024-05-21 11:52:47 +02:00
Yorgos Thessalonikefs
2e70506763 Changelog entry for #1069: 
- Merge #1069: Fix unbound-control stdin commands for multi-process
  Unbounds.
 2024-05-17 10:31:20 +02:00
Yorgos Thessalonikefs
7f184c8ca8
Fix unbound-control stdin commands for multi-process Unbounds (#1069) 
- Fix unbound-control commands that read stdin in multi-process
  operation (local_zones_remove, local_zones, local_datas_remove,
  local_datas, view_local_datas_remove, view_local_datas). They will
  be properly distributed to all processes. dump_cache and load_cache
  are no longer supported in multi-process operation.

 - Remove testdata/remote-threaded.tdir. testdata/09-unbound-control.tdir
  now checks both single and multi process/thread operation.

---------

Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2024-05-17 10:25:24 +02:00
W.C.A. Wijngaards
da2b307aa3 - Fix #1071: [FR] Clear both in-memory and cachedb module cache with 
`unbound-control flush*` commands.
 2024-05-16 16:56:58 +02:00
Yorgos Thessalonikefs
739a88ceed Changelog entry for #1070: 
- Merge #1070: Fix rtt assignement for low values of
  infra-cache-max-rtt.
 2024-05-16 13:43:24 +02:00
Yorgos Thessalonikefs
1048c4a28c - Add missing common functions to tdir tests. 2024-05-15 11:20:36 +02:00
W.C.A. Wijngaards
7de009f99a - Fix when the mesh jostle is exceeded that nameserver targets are 
marked as resolved, so that the lookup is not stuck on the
  requestlist.
 2024-05-10 09:50:35 +02:00
W.C.A. Wijngaards
95669855fb - Fix to squelch udp connect errors in the log at low verbosity about 
invalid argument for IPv6 link local addresses.
 2024-05-08 16:40:41 +02:00
W.C.A. Wijngaards
56e7cade28 The code repository continues with version 1.20.1. 2024-05-08 11:10:53 +02:00
W.C.A. Wijngaards
c085a53268 - Fix for #1062: declaration before statement, avoid print of null, 
and redundant check for array size.
And changelog note for merge of #1062.
 2024-05-07 14:05:21 +02:00
W.C.A. Wijngaards
b9525c5fd4 - Set version number to 1.20.0 for release. 2024-05-01 10:15:12 +02:00
W.C.A. Wijngaards
c3206f4568 - Fix for the DNSBomb vulnerability CVE-2024-33655. Thanks to Xiang Li 
from the Network and Information Security Lab of Tsinghua University
  for reporting it.
 2024-05-01 10:10:58 +02:00
W.C.A. Wijngaards
9abed3fc83 - Fix doxygen comment for errinf_to_str_bogus. 2024-04-29 13:42:26 +02:00
Yorgos Thessalonikefs
63a6b7b255 - Cleanup unnecessary strdup calls for EDE strings. 2024-04-29 10:15:19 +02:00
W.C.A. Wijngaards
15dc8e8a3f - Man page entry for unbound-checkconf -q. 2024-04-26 14:54:25 +02:00
Yorgos Thessalonikefs
cd4a017e96 - Fix #876: [FR] can unbound-checkconf be silenced when configuration 
is valid?
 2024-04-26 14:50:39 +02:00
W.C.A. Wijngaards
82c0207fa6 - Add unit tests for cachedb and subnet cache expired data. 2024-04-26 13:33:26 +02:00
W.C.A. Wijngaards
7c5e765b3b - Fix cachedb with serve-expired-client-timeout disabled. The edns 
subnet module deletes global cache and cachedb cache when it
  stores a result, and serve-expired is enabled, so that the global
  reply, that is older than the ecs reply, does not return after
  the ecs reply expires.
 2024-04-26 13:32:15 +02:00
W.C.A. Wijngaards
f456d97a34 - Fix doc unit test for out of directory build. 2024-04-25 17:06:06 +02:00
W.C.A. Wijngaards
8b490b1540 - Fix to disable fragmentation on systems with IP_DONTFRAG, 
with a nonzero value for the socket option argument.
 2024-04-25 12:53:05 +02:00
W.C.A. Wijngaards
b3951e5885 Changelog note for #1041 and #1038. 
- Merge #1041: Stub and Forward unshare. This has one structure
  for them and fixes #1038: fatal error: Could not initialize
  thread / error: reading root hints.
 2024-04-25 11:12:27 +02:00
W.C.A. Wijngaards
07859a9ef3 - Fix configure flto check error, by finding grep for it. 2024-04-25 10:53:35 +02:00
W.C.A. Wijngaards
cb74467acb - Fix ci workflow for macos for moved install locations. 2024-04-24 16:31:44 +02:00
Yorgos Thessalonikefs
62dad42152 - Merge #1053: Remove child delegations from cache when grandchild 
delegations are returned from parent.
 2024-04-23 14:24:07 +02:00
W.C.A. Wijngaards
52aff65e35 - Fix edns subnet to sort rrset references when storing messages 
in the cache. This fixes a race condition in the rrset locks.
 2024-04-22 13:44:42 +02:00
W.C.A. Wijngaards
5994fb3db5 - Add checklock feature verbose_locking to trace locks and unlocks. 2024-04-22 13:42:35 +02:00
Yorgos Thessalonikefs
0dbcb45d28 Changelog entry for #1049: 
- Merge #1049 from Petr Menšík: Py_NoSiteFlag is not needed since
  Python 3.8
 2024-04-15 14:49:14 +02:00
W.C.A. Wijngaards
0d4c5aa421 - Fix configure, autoconf for #1048. 2024-04-15 12:17:56 +02:00
W.C.A. Wijngaards
9e60f93b84 Changelog note for #1048. 
- Fix #1048: Update ax_pkg_swig.m4 and ax_pthread.m4.
 2024-04-15 12:15:54 +02:00
W.C.A. Wijngaards
491b56d051 - Fixup cachedb to not refetch when serve-expired-client-timeout is 
used.
 2024-04-12 14:22:18 +02:00
W.C.A. Wijngaards
4d530920e0 - Fixup unit test for cachedb server expired client timeout with 
a check if response if from upstream or from cachedb.
 2024-04-12 11:51:00 +02:00
W.C.A. Wijngaards
08fb9a9209 - Fix cachedb for serve-expired with serve-expired-client-timeout. 2024-04-12 11:26:53 +02:00
W.C.A. Wijngaards
04ff2672b5 - Fix to not reply serve expired unless enabled for cachedb. 2024-04-10 17:06:01 +02:00
W.C.A. Wijngaards
d47849a26e - Fix cachedb for serve-expired with serve-expired-reply-ttl. 2024-04-10 17:01:57 +02:00
W.C.A. Wijngaards
63ee97d0fd - Fix makefile dependencies for fake_event.c. 2024-04-10 14:04:39 +02:00
W.C.A. Wijngaards
bd74a32b79 - Extended test for cachedb serve expired. 2024-04-10 13:08:23 +02:00
W.C.A. Wijngaards
b990be88ef - Add test for cachedb serve expired. 2024-04-10 12:36:21 +02:00
W.C.A. Wijngaards
d55511f1dd - Fixup compile without cachedb. 2024-04-10 11:27:08 +02:00
W.C.A. Wijngaards
d98c7b9ae3 - Implement cachedb-check-when-serve-expired: yes option, default 
is enabled. When serve expired is enabled with cachedb, it first
  checks cachedb before serving the expired response.
 2024-04-10 11:21:28 +02:00
Yorgos Thessalonikefs
a30221c5bb - Merge #1043 from xiaoxiaoafeifei: Add loongarch support; updates 
config.guess(2024-01-01) and config.sub(2024-01-01), verified
  with upstream.
 2024-04-09 17:00:59 +02:00
Yorgos Thessalonikefs
8575d5b35c - Fix #595: unbound-anchor cannot deal with full disk; it will now 
first write out to a temp file before replacing the original one,
  like Unbound already does for auto-trust-anchor-file.
 2024-04-08 14:15:03 +02:00
W.C.A. Wijngaards
ba16e41160 - Fix comment syntax for view function views_find_view. 2024-04-05 16:11:29 +02:00
Yorgos Thessalonikefs
708d5229ae - Merge #1027: Introduce 'cache-min-negative-ttl' option. 2024-04-05 11:44:37 +02:00
Yorgos Thessalonikefs
fb4a7d65d7 - Fix #369: dnstap showing extra responses; for client responses 
right from the cache when replying with expired data or
  prefetching.
 2024-04-03 15:18:13 +02:00