W.C.A. Wijngaards
491b56d051
- Fixup cachedb to not refetch when serve-expired-client-timeout is
...
used.
2024-04-12 14:22:18 +02:00
W.C.A. Wijngaards
4d530920e0
- Fixup unit test for cachedb server expired client timeout with
...
a check if response if from upstream or from cachedb.
2024-04-12 11:51:00 +02:00
W.C.A. Wijngaards
08fb9a9209
- Fix cachedb for serve-expired with serve-expired-client-timeout.
2024-04-12 11:26:53 +02:00
W.C.A. Wijngaards
04ff2672b5
- Fix to not reply serve expired unless enabled for cachedb.
2024-04-10 17:06:01 +02:00
W.C.A. Wijngaards
d47849a26e
- Fix cachedb for serve-expired with serve-expired-reply-ttl.
2024-04-10 17:01:57 +02:00
W.C.A. Wijngaards
63ee97d0fd
- Fix makefile dependencies for fake_event.c.
2024-04-10 14:04:39 +02:00
W.C.A. Wijngaards
bd74a32b79
- Extended test for cachedb serve expired.
2024-04-10 13:08:23 +02:00
W.C.A. Wijngaards
b990be88ef
- Add test for cachedb serve expired.
2024-04-10 12:36:21 +02:00
W.C.A. Wijngaards
d55511f1dd
- Fixup compile without cachedb.
2024-04-10 11:27:08 +02:00
W.C.A. Wijngaards
d98c7b9ae3
- Implement cachedb-check-when-serve-expired: yes option, default
...
is enabled. When serve expired is enabled with cachedb, it first
checks cachedb before serving the expired response.
2024-04-10 11:21:28 +02:00
Yorgos Thessalonikefs
a30221c5bb
- Merge #1043 from xiaoxiaoafeifei: Add loongarch support; updates
...
config.guess(2024-01-01) and config.sub(2024-01-01), verified
with upstream.
2024-04-09 17:00:59 +02:00
Yorgos Thessalonikefs
8575d5b35c
- Fix #595 : unbound-anchor cannot deal with full disk; it will now
...
first write out to a temp file before replacing the original one,
like Unbound already does for auto-trust-anchor-file.
2024-04-08 14:15:03 +02:00
W.C.A. Wijngaards
ba16e41160
- Fix comment syntax for view function views_find_view.
2024-04-05 16:11:29 +02:00
Yorgos Thessalonikefs
708d5229ae
- Merge #1027 : Introduce 'cache-min-negative-ttl' option.
2024-04-05 11:44:37 +02:00
Yorgos Thessalonikefs
fb4a7d65d7
- Fix #369 : dnstap showing extra responses; for client responses
...
right from the cache when replying with expired data or
prefetching.
2024-04-03 15:18:13 +02:00
Yorgos Thessalonikefs
91e8e0e511
- Fix #1035 : Potential Bug while parsing port from the "stub-host"
...
string; also affected forward-zones and remote-control host
directives.
2024-04-03 13:37:57 +02:00
W.C.A. Wijngaards
dfff8d23cf
- For #1040 : adjust error text and disallow negative ports in other
...
parts of cfg_mark_ports.
2024-04-03 10:16:18 +02:00
W.C.A. Wijngaards
103d9a68fa
Changelog note for #1040
...
- Fix #1040 : fix heap-buffer-overflow issue in function cfg_mark_ports
of file util/config_file.c.
2024-04-03 10:03:04 +02:00
W.C.A. Wijngaards
e1aeabde44
- Fix for crypto related failures to have a better error string.
2024-03-28 09:58:57 +01:00
W.C.A. Wijngaards
6d1e61173b
- Fix #1034 : DoT forward-zone via unbound-control.
2024-03-28 09:58:03 +01:00
W.C.A. Wijngaards
6f82b5be4a
- Fix that the server does not chown the pidfile.
2024-03-27 14:52:25 +01:00
W.C.A. Wijngaards
192f1b0e2b
- Fix that when the server truncates the pidfile, it does not follow
...
symbolic links.
2024-03-27 14:07:54 +01:00
W.C.A. Wijngaards
238a796e38
- Fix to add unit test for lruhash space that exercises the routines.
2024-03-27 13:33:46 +01:00
W.C.A. Wijngaards
fe393ac355
- Fix comment in lruhash space function.
2024-03-27 12:30:00 +01:00
W.C.A. Wijngaards
3ea078baf6
- Fix for #1032 , add safeguard to make table space positive.
2024-03-27 11:49:20 +01:00
W.C.A. Wijngaards
eb3e1ae24f
- Fix #1032 : The size of subnet_msg_cache calculation mistake cause
...
memory usage increased beyond expectations.
2024-03-27 11:45:34 +01:00
W.C.A. Wijngaards
c2b20c585e
- Fix name of unit test for subnet cache response.
2024-03-27 11:43:55 +01:00
Yorgos Thessalonikefs
07561964fc
- For #831 : Format text, use exclamation icon and explicit label
...
names.
2024-03-25 22:02:08 +01:00
Yorgos Thessalonikefs
ce8c1ce5b0
Changelog entry for #831
...
- Merge #831 from Pierre4012: Improve Windows NSIS installer
script (setup.nsi).
2024-03-25 16:46:25 +01:00
W.C.A. Wijngaards
73bd5a19aa
- Fix localdata and rpz localdata to match CNAME only if no direct
...
type match is available.
2024-03-19 10:21:10 +01:00
W.C.A. Wijngaards
fef974ca5c
- Fix rpz so that rpz CNAME can apply after rpz CNAME. And fix that
...
clientip and nsip can give a CNAME.
2024-03-19 09:32:53 +01:00
W.C.A. Wijngaards
8dbf46913b
- Fix rpz for qtype CNAME after nameserver trigger.
2024-03-18 14:36:29 +01:00
W.C.A. Wijngaards
e46b188fe8
- Add rpz unit test for nsip action override.
2024-03-18 14:11:43 +01:00
W.C.A. Wijngaards
e6b1f9a4c3
- Fix rpz that copies the cname override completely to the temp
...
region, so there are no references to the rpz region.
2024-03-18 13:52:59 +01:00
W.C.A. Wijngaards
39cfc8c1c0
- Fix rpz, it follows iterator CNAMEs for nsip and nsdname and sets
...
the reply query_info values, that is better for debug logging.
2024-03-18 12:45:00 +01:00
W.C.A. Wijngaards
79e25e192c
- Fix that rpz CNAME content is limited to the max number of cnames.
2024-03-18 11:25:29 +01:00
Yorgos Thessalonikefs
792089f523
Merge branch 'features/makedist-persist-windir'
2024-03-15 17:22:00 +01:00
W.C.A. Wijngaards
2993437eaa
- Fix that addrinfo is not kept around but copied and freed, so that
...
log-destaddr uses a copy of the information, much like NSD does.
2024-03-15 13:39:49 +01:00
W.C.A. Wijngaards
0bcc8c0211
- The code repository continues with version 1.19.4.
2024-03-14 10:33:13 +01:00
W.C.A. Wijngaards
4b54d8e15e
- Fix rpz for cname override action after nsdname and nsip triggers.
2024-03-13 17:14:14 +01:00
W.C.A. Wijngaards
afe52595a9
- Fix to unify codepath for local alias for rpz cname action override.
2024-03-13 16:12:48 +01:00
W.C.A. Wijngaards
4f417262e3
- Fix rpz that the rpz override is taken in case of clientip triggers.
...
Fix that the clientip passthru action is logged. Fix that the
clientip localdata action is logged. Fix rpz override action cname
for the clientip trigger.
2024-03-13 16:04:58 +01:00
W.C.A. Wijngaards
1db3b38104
- Fix #1029 : rpz trigger clientip and action rpz-passthru not working
...
as expected.
2024-03-13 13:45:04 +01:00
Yorgos Thessalonikefs
bc47f50926
Changelog entry for #1028 :
...
- Merge #1028 : Clearer documentation for tcp-idle-timeout and
edns-tcp-keepalive-timeout.
2024-03-12 14:52:57 +01:00
Yorgos Thessalonikefs
e36b5a099c
Clearer documentation for tcp-idle-timeout and edns-tcp-keepalive-timeout ( #1028 )
...
* - Clearer documentation for tcp-idle-timeout and
edns-tcp-keepalive-timeout.
* - Address review comment.
2024-03-12 14:52:00 +01:00
Yorgos Thessalonikefs
025881d0e9
- Introduce 'cache-min-negative-ttl' option to bound the minimum TTL for
...
negative answers overriding 'cache-min-ttl'.
2024-03-12 11:24:59 +01:00
W.C.A. Wijngaards
320d0a5f1b
- Fix #1021 Inconsistent Behavior with Changing rpz-cname-override
...
and doing a unbound-control reload.
2024-03-11 16:31:58 +01:00
W.C.A. Wijngaards
d382210fce
Update doc/Changelog to note the fixes included in 1.19.3rc2.
2024-03-11 12:30:24 +01:00
W.C.A. Wijngaards
7b62767e16
- Fix unbound-control-setup.cmd to have CA v3 basicConstraints,
...
like unbound-control-setup.sh has.
2024-03-08 17:18:05 +01:00
W.C.A. Wijngaards
6568841bb0
- Fix doc test so it ignores but outputs unsupported doxygen options.
2024-03-08 16:43:24 +01:00
W.C.A. Wijngaards
e361f6b284
- Fix qname minimisation for reply with a DNAME for qtype CNAME that
...
answers it.
2024-03-08 16:33:17 +01:00
Yorgos Thessalonikefs
53766917ef
- Update doc/unbound.doxygen with 'doxygen -u'. Fixes option
...
deprecation warnings and updates with newer defaults.
2024-03-08 16:13:36 +01:00
W.C.A. Wijngaards
2a255076f5
- Fix validator classification of qtype DNAME for positive and
...
redirection answers, and fix validator signature routine for dealing
with the synthesized CNAME for a DNAME without previously
encountering it and also for when the qtype is DNAME.
2024-03-08 14:10:06 +01:00
W.C.A. Wijngaards
fb080e7853
- Remove unused portion from iter_dname_ttl unit test.
2024-03-08 09:51:37 +01:00
W.C.A. Wijngaards
0818841038
- Fix TTL of synthesized CNAME when a DNAME is used from cache.
2024-03-08 09:47:59 +01:00
W.C.A. Wijngaards
939baebfe7
- Fix unbound-control-setup.cmd to use 3072 bits so that certificates
...
are long enough for newer OpenSSL versions.
2024-03-08 09:07:36 +01:00
W.C.A. Wijngaards
326ba26522
- Version set to 1.19.3 for release. After 1.19.2 point release with
...
security fix for CVE-2024-1931, Denial of service when trimming
EDE text on positive replies. The code repo includes the fix and
is for version 1.19.3.
2024-03-07 11:06:42 +01:00
W.C.A. Wijngaards
ec0b510f1c
- Fix for #1022 : Fix ede prohibited in access control refused answers.
2024-03-05 13:39:29 +01:00
W.C.A. Wijngaards
be626f7c53
- Fix edns subnet replies for scope zero answers to not get stored
...
in the global cache, and in cachedb, when the upstream replies
without an EDNS record.
2024-03-04 13:20:13 +01:00
W.C.A. Wijngaards
3096e4930e
- Move github workflows to use checkoutv4.
2024-02-28 11:44:52 +01:00
Yorgos Thessalonikefs
33bdf44a04
- Document the suspend argument for process_ds_response().
2024-02-23 14:34:33 +01:00
W.C.A. Wijngaards
ccbe31c21f
- Fix trim of EDE text from large udp responses from spinning cpu.
2024-02-22 16:22:31 +01:00
Yorgos Thessalonikefs
c6746499c1
Changelog entry for #1010 :
...
- Merge #1010 : Mention REFUSED has the TC bit set with unmatched
allow_cookie acl in the manpage. It also fixes the code to match the
documentation about clients with a valid cookie that bypass the
ratelimit regardless of the allow_cookie acl.
2024-02-20 15:33:18 +01:00
Willem Toorop
e1229e375f
Mention REFUSED has the TC bit set with unmatched allow_cookie acl in the manpage ( #1010 )
...
* Mention REFUSED with TC with unmatched allow_cookie acl in manpage
Also moved the part about bypassing ip-ratelimit to the ip-ratelimit
description as it will be bypassed with a valid DNS-Cookie regardless of the
allow_cookie acl.
* Apply suggestions from code review
* Update doc/unbound.conf.5.in
* DNS-Cookies should bypass ip-ratelimit setting
2024-02-20 15:29:34 +01:00
W.C.A. Wijngaards
be27499d39
- These fixes are part of the 1.19.1 release, that is a security
...
point release on 1.19.0, the code repository continues with these
fixes, with version number 1.19.2.
2024-02-13 14:03:30 +01:00
W.C.A. Wijngaards
54d86dd73b
- Fix documentation for access-control in the unbound.conf man page.
2024-02-08 14:36:18 +01:00
Yorgos Thessalonikefs
93490a0fc1
- Fix #1006 : Can't find protobuf-c package since #999 .
2024-02-07 10:38:52 +01:00
W.C.A. Wijngaards
0585c3e5fd
Autoconf and changelog note for #999
...
- Merge #999 : Search for protobuf-c with pkg-config.
2024-01-30 16:24:41 +01:00
Yorgos Thessalonikefs
3522451600
- Update message TTL when using cached RRSETs. It could result in
...
non-expired messages with expired RRSETs (non-usable messages by
Unbound).
2024-01-23 10:10:37 +01:00
Yorgos Thessalonikefs
fe03bacd6c
- Update error printout for duplicate trust anchors to include the
...
trust anchor name (relates to #920 ).
2024-01-22 15:54:36 +01:00
W.C.A. Wijngaards
1f46d5945b
- Fix for #997 : Print details for SSL certificate failure.
2024-01-22 09:40:36 +01:00
W.C.A. Wijngaards
d1a2bd67da
- Fix warning for windres on resource files due to redefinition.
2024-01-17 16:19:56 +01:00
W.C.A. Wijngaards
74b4d81992
- Update workflow for ports to use newer openssl on windows compile.
2024-01-17 13:45:59 +01:00
W.C.A. Wijngaards
fea8f0d5fd
Changelog note for #993
...
- Merge #993 : Update b.root-servers.net also in example config file.
2024-01-16 16:44:15 +01:00
Wouter Wijngaards
0e5dab5eaf
Merge pull request #993 from InfrastructureServices/b.root-servers.net-conf
...
Update b.root-servers.net also in example config file
2024-01-16 16:44:02 +01:00
W.C.A. Wijngaards
c550bc154f
- Fix to link with libssp for libcrypto and getaddrinfo check for
...
only header. Also update crosscompile to remove ssp for 32bit.
2024-01-16 16:40:14 +01:00
Petr Mensik
40fcb91206
Update b.root-servers.net also in example config file
...
Addition to commit a8739bad76 , which
updated only address specified in code. But addresses provided in
example configuration were not updated, I think they should be updated
too.
2024-01-16 16:14:13 +01:00
W.C.A. Wijngaards
c8554ff48c
- Fix to link with -lcrypt32 for OpenSSL 3.2.0 on Windows.
2024-01-15 16:44:27 +01:00
W.C.A. Wijngaards
3d95cef08c
Changelog note for #988 .
...
- Merge #988 : Fix NLnetLabs#981: dump_cache truncates large records.
2024-01-09 08:41:52 +01:00
W.C.A. Wijngaards
418eeb642c
- Fix unit test for #987 change in udp1xxx retry packet send.
2024-01-05 14:11:55 +01:00
W.C.A. Wijngaards
8ac56d004d
Changelog note for #987
...
- Merge #987 : skip edns frag retry if advertised udp payload size is
not smaller.
2024-01-05 13:47:30 +01:00
W.C.A. Wijngaards
b9b488b6d3
- Remove unneeded newlines and improve indentation in remote control
...
code.
2024-01-04 17:06:15 +01:00
W.C.A. Wijngaards
9a2d0238a8
- Fix #983 : Sha1 runtime insecure change was incomplete.
2024-01-03 13:33:43 +01:00
W.C.A. Wijngaards
5cc21690eb
Changelog note for #985 .
...
- Merge #985 : Add DoH and DoT to dnstap message.
2024-01-03 10:37:44 +01:00
W.C.A. Wijngaards
df284fbe65
Changelog note for #979 and #980 .
...
- Merge #980 : DoH: reject non-h2 early. To fix #979 : Improve errors
for non-HTTP/2 DoH clients.
2024-01-03 10:04:06 +01:00
Yorgos Thessalonikefs
6c82f4ae9b
- Update example.conf with cookie options.
2023-12-22 11:42:20 +01:00
W.C.A. Wijngaards
22dc376392
Fixup doc/Changelog.
2023-12-08 17:17:23 +01:00
W.C.A. Wijngaards
4ef1fb5a24
- Fix root_zonemd unit test, it checks that the root ZONEMD verifies,
...
now that the root has a valid ZONEMD.
2023-12-08 17:15:35 +01:00
Yorgos Thessalonikefs
be6fd80a1c
- Merge PR #973 : Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
2023-12-08 09:23:26 +01:00
W.C.A. Wijngaards
c48a467b8e
Changelog note for #975
...
- Merge #975 : Fixed some syntax errors in rpl files.
2023-12-07 12:11:03 +01:00
W.C.A. Wijngaards
2978106991
- Fix #974 : doc: default number of outgoing ports without libevent.
2023-12-07 09:41:03 +01:00
W.C.A. Wijngaards
6c76b4e2f8
- Fix tests to use new common.sh functions, wait_logfile and
...
kill_from_pidfile.
2023-12-06 16:32:06 +01:00
W.C.A. Wijngaards
c91bd60051
- Update test script file common.sh.
2023-12-06 16:14:24 +01:00
W.C.A. Wijngaards
a8739bad76
- Updated IPv4 and IPv6 address for b.root-servers.net in root hints.
2023-12-06 13:25:58 +01:00
W.C.A. Wijngaards
2b97442f2e
- iana portlist update.
2023-12-06 13:22:35 +01:00
W.C.A. Wijngaards
5997355e22
- Fix to sync the tests script file common.sh.
2023-12-06 11:58:14 +01:00
W.C.A. Wijngaards
d8bd9845cc
- Fix dnstap that assertion failed on logging other than UDP and TCP
...
traffic. It lists it as TCP traffic.
2023-12-05 13:14:08 +01:00
W.C.A. Wijngaards
3d1bc143af
- Fix #969 : [FR] distinguish Do53, DoT and DoH in the logs.
2023-12-05 10:05:51 +01:00
W.C.A. Wijngaards
72a25f825c
Changelog note for #971
...
- Merge #971 : fix 'WARNING: Message has 41 extra bytes at end'.
2023-12-05 09:09:42 +01:00
Yorgos Thessalonikefs
a2f0186427
- Merge #968 : Replace the obsolescent fgrep with grep -F in tests.
2023-11-27 16:47:13 +01:00
W.C.A. Wijngaards
58d670a258
- Fix #964 : config.h.in~ backup file in release tar balls.
2023-11-27 16:04:33 +01:00
Yorgos Thessalonikefs
15a9b0f2be
- Use 127.0.0.1 explicitly in tests to avoid delays and errors on newer
...
systems.
2023-11-24 15:34:25 +01:00
W.C.A. Wijngaards
197bf15402
- Fix unit test parse of origin syntax.
2023-11-09 15:26:46 +01:00
W.C.A. Wijngaards
0bae242cbf
- The repository continues with 1.19.1.
2023-11-08 10:59:25 +01:00
W.C.A. Wijngaards
3352b1090e
- Set version number to 1.19.0.
...
- Tag for 1.19.0rc1 release.
2023-11-02 08:40:20 +01:00
W.C.A. Wijngaards
c4d17dd231
- Fix compilation without openssl, remove unused function warning.
2023-11-01 17:09:37 +01:00
W.C.A. Wijngaards
5f78f67e39
- Fix SSL compile failure for other missing definitions in
...
log_crypto_err_io_code_arg.
2023-11-01 14:20:52 +01:00
W.C.A. Wijngaards
b1d99bb6b6
- Fix SSL compile failure for definition in log_crypto_err_io_code_arg.
2023-11-01 14:14:02 +01:00
George Thessalonikefs
8914e9fd03
- Mention flex and bison in README.md when building from repository
...
source.
2023-11-01 13:57:06 +01:00
George Thessalonikefs
8d1d728d88
- Fix #941 : dnscrypt doesn't work after upgrade to 1.18 with
...
suggestion by dukeartem to also fix the udp_ancil with dnscrypt.
2023-10-31 22:41:06 +01:00
George Thessalonikefs
59c14c747a
Changelog entry for #930
...
- Merge #930 from Stuart Henderson: add void to
log_ident_revert_to_default declaration.
2023-10-30 12:18:01 +01:00
W.C.A. Wijngaards
a7e079ea16
- autoconf.
2023-10-30 10:44:23 +01:00
George Thessalonikefs
a97bed9d22
- Clearer configure text for missing protobuf-c development libraries.
2023-10-24 16:34:12 +02:00
W.C.A. Wijngaards
0ce68e97a7
Changelog entry for #951 .
...
- Merge #951 : Cachedb no store. The cachedb-no-store: yes option is
used to stop cachedb from writing messages to the backend storage.
It reads messages when data is available from the backend. The
default is no.
2023-10-20 17:01:13 +02:00
Wouter Wijngaards
3f66230874
Merge pull request #951 from NLnetLabs/cachedb-no-store
...
Cachedb no store
2023-10-20 17:00:13 +02:00
W.C.A. Wijngaards
35d0a8a843
- Fix to print detailed errors when an SSL IO routine fails via
...
SSL_get_error.
2023-10-19 11:17:32 +02:00
George Thessalonikefs
44c3d4d2dc
- Changelog entry for:
...
Merge #955 from buevsan: fix ipset wrong behavior.
- Update testdata/ipset.tdir test for ipset fix.
2023-10-18 15:11:38 +02:00
George Thessalonikefs
2f0b11673a
- Update the dns64_lookup.rpl test for the DNS64 fallback patch.
2023-10-18 12:59:54 +02:00
George Thessalonikefs
c5aa6a2286
- Changelog entry for DNS64 patches from Daniel Gröber.
2023-10-18 12:16:35 +02:00
W.C.A. Wijngaards
0f78bea4a3
- Fix #954 : Inconsistent RPZ handling for A record returned along with
...
CNAME.
2023-10-17 16:47:04 +02:00
George Thessalonikefs
e4510c76e5
- For multi Python module setups, clean previously parsed module
...
functions in __main__'s dictionary, if any, so that only current
module functions are registered.
2023-10-16 16:03:11 +02:00
George Thessalonikefs
122dd6c11e
- Expose the configured listening and outgoing interfaces, if any, as
...
a list of strings in the Python 'config_file' class instead of the
current Swig object proxy; fixes #79 .
2023-10-16 15:53:47 +02:00
George Thessalonikefs
63a5280f8f
- Expose the script filename in the Python module environment 'mod_env'
...
instead of the config_file structure which includes the linked list
of scripts in a multi Python module setup; fixes #79 .
2023-10-16 15:47:18 +02:00
George Thessalonikefs
07149f576a
- Better fix for infinite loop when reading multiple lines of input on
...
a broken remote control socket, by treating a zero byte line the
same as transmission end. Addesses #947 and #948 .
2023-10-13 14:58:16 +02:00
W.C.A. Wijngaards
4a211a9117
- cachedb-no-store, example conf and man page documentation.
2023-10-13 11:37:18 +02:00
W.C.A. Wijngaards
908e1cb11a
Changelog note for #944 .
...
- Merge #944 : Disable EDNS DO.
Disable the EDNS DO flag in upstream requests. This can be helpful
for devices that cannot handle DNSSEC information. But it should not
be enabled otherwise, because that would stop DNSSEC validation. The
DNSSEC validation would not work for Unbound itself, and also not
for downstream users. Default is no. The option
is disable-edns-do: no
2023-10-12 14:05:31 +02:00
Wouter Wijngaards
5c6c57ed89
Merge pull request #944 from NLnetLabs/disable-edns-do
...
Disable EDNS DO
2023-10-12 14:04:29 +02:00
W.C.A. Wijngaards
67153f897e
- Fix for #949 : Fix pythonmod/ubmodule-tst.py for Python 3.x.
2023-10-11 13:47:28 +02:00
W.C.A. Wijngaards
f2528dc3ac
- Fix that cachedb does not warn when serve-expired is disabled about
...
use of serve-expired-reply-ttl and serve-expired-client-timeout.
2023-10-11 13:29:56 +02:00
W.C.A. Wijngaards
d5954aff08
- Fix #949 : "could not create control compt".
2023-10-11 11:59:26 +02:00
George Thessalonikefs
e98b89651e
- Fix #850 : [FR] Ability to use specific database in Redis, with new
...
redis-logical-db configuration option.
2023-10-11 11:44:55 +02:00
George Thessalonikefs
516f90abdb
- Fix infinite loop when reading multiple lines of input on a broken
...
remote control socket. Addesses #947 and #948 .
2023-10-10 15:17:48 +02:00
W.C.A. Wijngaards
c09320c651
- Fix that printout of EDNS options shows the EDNS cookie option by
...
name.
2023-10-09 12:36:54 +02:00
W.C.A. Wijngaards
6d0812b567
- Fix edns subnet so that queries with a source prefix of zero cause
...
the recursor send no edns subnet option to the upstream.
2023-10-09 12:21:22 +02:00
Wouter Wijngaards
b05154218c
Update doc/unbound.conf.5.in
...
Co-authored-by: Yorgos Thessalonikefs <george@nlnetlabs.nl>
2023-10-06 16:40:34 +02:00
W.C.A. Wijngaards
1e85749e6e
Merge branch 'master' into disable-edns-do
2023-10-05 15:57:41 +02:00
W.C.A. Wijngaards
b865aca03a
- Fix #946 : Forwarder returns servfail on upstream response noerror no
...
data.
2023-10-04 18:16:22 +02:00
W.C.A. Wijngaards
39df4f0923
- disable-edns-do, queriers receive no EDNS in response if the
...
disable-edns-do option is enabled and they set the DO flag. And unit test
for that.
2023-10-04 13:54:05 +02:00
W.C.A. Wijngaards
eff3e01ec3
Merge branch 'master' into disable-edns-do
2023-10-04 13:34:47 +02:00
George Thessalonikefs
13d4504dfc
- Merge #881 : Generalise the proxy protocol code.
2023-10-03 14:51:50 +02:00
George Thessalonikefs
9342bf685e
- Fix misplaced comment.
2023-10-02 16:13:23 +02:00
W.C.A. Wijngaards
ca481322d4
Merge branch 'master' into disable-edns-do
2023-09-28 16:49:01 +02:00
W.C.A. Wijngaards
654a7eab62
- Fix #942 : 1.18.0 libunbound DNS regression when built without
...
OpenSSL.
2023-09-22 13:15:35 +02:00
W.C.A. Wijngaards
9cd282e001
Merge branch 'master' into disable-edns-do
2023-09-20 13:18:26 +02:00
W.C.A. Wijngaards
bd5dc855af
- Fix rpz tcp-only action with rpz triggers nsdname and nsip.
2023-09-18 09:55:39 +02:00
W.C.A. Wijngaards
31218166fc
- Fix to remove two c99 notations.
2023-09-15 13:30:30 +02:00
W.C.A. Wijngaards
6bdecdbc5a
Changelog note and autoconf for #936
...
- Merge #936 : Check for c99 with autoconf versions prior to 2.70.
2023-09-15 13:24:20 +02:00
W.C.A. Wijngaards
6e65343895
- Fix authority zone answers for obscured DNAMEs and delegations.
2023-09-14 11:37:49 +02:00
W.C.A. Wijngaards
d1977c679b
- disable-edns-do, doc and add option disable-edns-do: no.
2023-09-13 13:11:53 +02:00
W.C.A. Wijngaards
0ee44ef384
- Fix send of udp retries when ENOBUFS is returned. It stops looping
...
and also waits for the condition to go away. Reported by Florian
Obser.
2023-09-08 13:35:42 +02:00
W.C.A. Wijngaards
8c751d48a2
- Fix to print EDE text in readable form in output logs.
2023-09-07 15:28:01 +02:00
W.C.A. Wijngaards
5b8a7340bb
- Fix to set ede match in unit test for rr length removal.
...
Changelog note.
2023-09-07 14:59:13 +02:00
W.C.A. Wijngaards
fdd5f8ff83
- Fix to add EDE text when RRs have been removed due to length.
2023-09-07 14:44:48 +02:00
W.C.A. Wijngaards
63616a5fce
- Fix to move msgparse_rrset_remove_rr code to util/msgparse.c.
2023-09-07 11:29:53 +02:00
W.C.A. Wijngaards
dfc00271d1
- Fix to scrub resource records of type A and AAAA that have an
...
inappropriate size. They are removed from responses.
2023-09-07 11:08:04 +02:00
W.C.A. Wijngaards
1143050ea6
Changelog note for #931
...
- Merge #931 : Prevent warnings from -Wmissing-prototypes.
2023-09-06 09:49:35 +02:00
W.C.A. Wijngaards
10843805ac
- Fix #927 : unbound 1.18.0 make test error. Fix make test without SHA1.
2023-08-31 13:54:03 +02:00
W.C.A. Wijngaards
f0e15272b2
- Fix autoconf 2.69 warnings in configure.
2023-08-31 09:19:24 +02:00
W.C.A. Wijngaards
d4c4537b33
- Fix for WKS call to getservbyname that creates allocation on exit
...
in unit test by testing numbers first and testing from the services
list later.
2023-08-30 14:31:24 +02:00
W.C.A. Wijngaards
ba1183bb6e
Tag 1.18.0rc1 became the 1.18.0 release on
...
30 aug 2023, with the fix from 25 aug, fix compile on NetBSD
included. The repository continues with version 1.18.1.
2023-08-30 11:03:42 +02:00
W.C.A. Wijngaards
85ee5284f5
- Fix for version generation race condition that ignored changes.
2023-08-28 13:25:04 +02:00
W.C.A. Wijngaards
3795e37410
- Fix compile error on NetBSD in util/netevent.h.
2023-08-25 08:43:27 +02:00
W.C.A. Wijngaards
d396d8dae3
- Tag for 1.18.0rc1 release.
2023-08-23 10:49:45 +02:00
W.C.A. Wijngaards
8da117b086
- Set version number to 1.18.0.
2023-08-22 14:32:51 +02:00
W.C.A. Wijngaards
6e43145382
- Fix unit test for unbound-control to work when threads are disabled,
...
and fix cache dump check.
2023-08-21 16:58:10 +02:00
W.C.A. Wijngaards
be53e37b15
- Fix #923 : processQueryResponse() THROWAWAY should be mindful of
...
fail_reply.
2023-08-21 14:32:13 +02:00
W.C.A. Wijngaards
3160d6ac08
- Fix for #925 : unbound.service: Main process exited, code=killed,
...
status=11/SEGV. Fixes cachedb configuration handling.
2023-08-21 11:28:49 +02:00
W.C.A. Wijngaards
d1f388ec93
- Fix windows ci workflow to install bison and flex.
2023-08-21 10:43:02 +02:00
W.C.A. Wijngaards
3ea6f730ac
- Debug Windows ci workflow.
2023-08-21 10:16:00 +02:00
W.C.A. Wijngaards
083770cb39
- Fix stat_values test to work with dig that enables DNS cookies.
2023-08-18 13:39:27 +02:00
W.C.A. Wijngaards
8756ad63dd
- Fix uninitialized memory passed in padding bytes of cmsg to sendmsg.
2023-08-18 13:18:46 +02:00
W.C.A. Wijngaards
c4566aa5d3
Changelog for commit.
...
- Fix for iter_dec_attempts that could cause a hang, part of
capsforid and qname minimisation, depending on the settings.
2023-08-18 13:10:51 +02:00
W.C.A. Wijngaards
5f423906de
- Fix ip_ratelimit test to work with dig that enables DNS cookies.
2023-08-17 15:43:14 +02:00
W.C.A. Wijngaards
4844fa3481
- Fix regional_alloc_init for potential unaligned source of the copy.
2023-08-17 15:22:54 +02:00
W.C.A. Wijngaards
0f5fecd516
Changelog note for #762 .
...
- Merge PR #762 : Downstream DNS Server Cookies a la RFC7873 and
RFC9018. Create server cookies for clients that send client cookies.
This needs to be explicitly turned on in the config file with:
`answer-cookie: yes`. A `cookie-secret:` can be configured for
anycast setups. Without one, a random cookie secret is generated.
The acl option `allow_cookie` allows queries with either a valid
cookie or over a stateful transport. The statistics output has
`queries_cookie_valid` and `queries_cookie_client` and
`queries_cookie_invalid` information. The `ip\-ratelimit\-cookie:`
value determines a rate limit for queries with cookies, if desired.
2023-08-17 15:18:46 +02:00
George Thessalonikefs
bab5ad623c
- For #762 : Introduce stat counters for downstream DNS Cookies per
...
thread and total: num.queries_cookie_valid, num.queries_cookie_client,
num.queries.cookie_invalid.
2023-08-08 15:19:56 +02:00
George Thessalonikefs
49e4258102
- For #762 : Interaction between DNS Cookies and source IP ratelimiting
...
by allowing Cookies to bypass the ratelimit, but still allowing
ratelimit to valid DNS Cookie clients via the new
ip-ratelimit-cookie option.
2023-08-08 10:14:03 +02:00
George Thessalonikefs
4ccb613396
Merge branch 'master' into features/downstream-cookies
2023-08-05 20:37:48 +02:00
George Thessalonikefs
fbc0256825
- For #762 : Cleaner manpage text and uniform use of the term DNS
...
Cookies.
2023-08-05 20:00:37 +02:00
George Thessalonikefs
d4145772b5
- Move a cache reply callback in worker.c closer to the cache reply
...
generation.
2023-08-02 12:33:52 +02:00
George Thessalonikefs
2cc9563cf8
- Fix to use the now cached EDE, if any, for CD_bit queries.
2023-08-01 15:23:25 +02:00
George Thessalonikefs
8aec671860
- More braces and formatting for Fix for EDNS EDE size calculation to
...
avoid future bugs.
2023-08-01 15:15:33 +02:00
W.C.A. Wijngaards
990b12bc8e
- Fix for EDNS EDE size calculation.
2023-08-01 15:08:50 +02:00
George Thessalonikefs
11f12bc981
- Merge #911 from natalie-reece: Exclude EDE before other EDNS options when
...
there isn't enough space.
- For #911 : Try to trim EXTRA-TEXT (and LDNS_EDE_OTHER options
altogether) before giving up on attaching EDE options.
2023-08-01 10:01:18 +02:00
W.C.A. Wijngaards
f531011e85
- iana portlist update.
2023-07-31 10:24:43 +02:00
George Thessalonikefs
d18813be30
- Merge #790 from Tom Carpay: Add support for EDE caching in cachedb
...
and subnetcache.
2023-07-31 10:18:10 +02:00
George Thessalonikefs
6819c1e444
- Merge #759 from Tom Carpay: Add EDE (RFC8914) caching.
2023-07-30 11:48:04 +02:00
George Thessalonikefs
373904f865
- Fix unused variable compile warning for kernel timestamps in
...
netevent.c
2023-07-28 20:17:07 +02:00
George Thessalonikefs
1e47eea6e3
- Merge #889 from borisVanhoof: Free memory in error case + remove
...
unused function.
2023-07-21 21:13:43 +02:00
George Thessalonikefs
51c189394d
- Cleaner failure code for callback functions in interface.i.
2023-07-21 16:53:36 +02:00
George Thessalonikefs
2e257fff2a
- Merge #390 from Frank Riley: Add missing callbacks to the python
...
module.
2023-07-21 16:50:57 +02:00
George Thessalonikefs
04053d39a0
- Merge #118 from mibere: Changed verbosity level for Redis init &
...
deinit.
2023-07-21 15:01:48 +02:00
George Thessalonikefs
36b38cea74
- Merge #857 from eaglegai: fix potential memory leaks when errors
...
happen.
2023-07-21 14:04:38 +02:00
George Thessalonikefs
ae2c2be1a5
Merge branch 'master' of github.com:NLnetLabs/unbound
2023-07-20 12:56:31 +02:00
George Thessalonikefs
bf37487dca
- Merge #901 from Sergei Trofimovich: config: improve handling of
...
unknown modules.
2023-07-20 12:56:20 +02:00
W.C.A. Wijngaards
8d45c1592b
- For #909 : Fix RR class comparison.
2023-07-20 12:16:24 +02:00
George Thessalonikefs
27c028cf27
- Merge #909 from headshog: Numeric truncation when parsing TYPEXX and
...
CLASSXX representation.
- For #909 : Fix return values.
2023-07-20 11:57:17 +02:00
George Thessalonikefs
299f55b0d1
- More clear description of the different auth-zone behaviors on the
...
man page.
2023-07-14 15:28:42 +02:00
George Thessalonikefs
52f0387cac
- Merge #880 from chipitsine: services/authzone.c: remove redundant
...
check.
2023-07-13 11:52:14 +02:00
George Thessalonikefs
7240ecbeb0
- Merge #664 from tilan7763: Add prefetch support for subnet cache
...
entries.
- For #664 : Easier code flow for subnetcache prefetching.
- For #664 : Add testcase.
- For #664 : Rename subnet_prefetch tests to subnet_global_prefetch to
differentiate from the new subnet prefetch support.
2023-07-11 14:31:49 +02:00
George Thessalonikefs
0afe58a06e
- Skip the 00-lint test. splint is not maintained; it either does not
...
work or produces false positives. Static analysis is handled in the
clang test.
2023-07-03 15:38:16 +02:00
George Thessalonikefs
2069271384
- Merge #802 : add validation EDEs to queries where the CD bit is set.
...
- For #802 : Cleanup comments and add RCODE check for CD bit test case.
2023-07-03 14:48:39 +02:00
W.C.A. Wijngaards
5aa47fb1fa
- Fix dereference of NULL variable warning in mesh_do_callback.
2023-07-03 13:50:39 +02:00
George Thessalonikefs
1962991937
- Merge #739 : Add SVCB dohpath support.
...
- Code cleanup for sldns_str2wire_svcparam_key_lookup.
2023-07-03 11:02:05 +02:00
W.C.A. Wijngaards
48a6ff14a4
- Fix #906 : warning: ‘Py_SetProgramName’ is deprecated.
2023-07-03 10:23:37 +02:00
George Thessalonikefs
380e3de140
- Merge #827 from rcmcdonald91: Eliminate unnecessary Python reloading
...
which causes memory leaks.
2023-06-29 13:02:27 +02:00
George Thessalonikefs
fc8bf269e9
- More fixes for reference counting for python module and clean up
...
failure code.
2023-06-29 12:26:49 +02:00
W.C.A. Wijngaards
7696074fa9
- Fix python modules with multiple scripts, by incrementing reference
...
counts.
2023-06-29 10:16:37 +02:00
George Thessalonikefs
bea61fc37c
- Remove warning about unknown cast-function-type warning pragma.
2023-06-27 16:44:29 +02:00
George Thessalonikefs
41dac805f5
- Merge #892 : Add cachedb hit stat. Introduces 'num.query.cachedb' as
...
a new statistical counter.
2023-06-27 12:46:26 +02:00
W.C.A. Wijngaards
2207a55107
Add changelog and contrib/README mention for #903
...
- Merge #903 : contrib: add yocto compatible init script.
2023-06-22 15:41:17 +02:00
Philip Homburg
64476280ed
Changelog for #887 and #516
2023-06-15 11:09:08 +02:00
George Thessalonikefs
0f1ea7e490
- Properly handle all return values of worker_check_request during
...
early EDE code.
- Do not check the incoming request more than once.
2023-06-14 11:40:59 +02:00
W.C.A. Wijngaards
f9317d65b3
- Fix for uncertain unit test for doh buffer size events.
2023-06-12 12:39:00 +02:00
W.C.A. Wijngaards
2cf0359ffe
Changelog note for #895
...
- Fix #895 : python + sysconfig gives ANOTHER path comparing to
distutils.
2023-06-12 10:39:44 +02:00
W.C.A. Wijngaards
35885e5a70
- Merge #896 : Fix : #895 : pythonmodule: add all site-packages
...
directories to sys.path.
2023-06-12 10:30:50 +02:00
George Thessalonikefs
4f52be4db9
- Introduce num.query.cachedb to track cache hits for the external cache.
2023-05-30 17:49:50 +02:00
W.C.A. Wijngaards
512236d705
- Fix unbound-dnstap-socket time fraction conversion for printout.
2023-05-25 16:27:19 +02:00
W.C.A. Wijngaards
d57986724e
- Fix unbound-dnstap-socket printout when no query is present.
2023-05-25 14:30:25 +02:00
W.C.A. Wijngaards
59fd48c226
- Fix to remove unused variables from RPZ clientip data structure.
2023-05-19 16:36:31 +02:00
W.C.A. Wijngaards
da78c42f88
- Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR.
2023-05-19 14:38:41 +02:00
W.C.A. Wijngaards
a07ccbae9a
- Fix to print debug log for ancillary data with correct IP address.
2023-05-16 09:21:21 +02:00
W.C.A. Wijngaards
2a2598dbf2
- Fix #888 : [FR] Use kernel timestamps for dnstap.
2023-05-16 08:50:38 +02:00
W.C.A. Wijngaards
1fb78afc29
- Fix warning in windows compile, in set_recvtimestamp.
2023-05-11 09:32:59 +02:00
W.C.A. Wijngaards
b2cba7b707
- Fix doxygen in addr_to_nat64 header definition.
2023-05-04 15:53:05 +02:00
W.C.A. Wijngaards
8dd09e31d2
- Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h.
2023-05-04 11:17:06 +02:00
W.C.A. Wijngaards
806c3d7330
- Fix #885 : Error: util/configlexer.c: No such file or directory,
...
adds error messages explaining to install flex and bison.
2023-05-04 11:12:11 +02:00
George Thessalonikefs
2695eb9d1a
Changelog entry for #722 :
...
- Merge #722 from David 'eqvinox' Lamparter: NAT64 support.
- For #722 : minor fixes, formatting, refactoring.
2023-05-01 18:32:40 +02:00
George Thessalonikefs
20184483df
Merge branch 'eqvinox-nat64'
2023-05-01 18:24:05 +02:00
George Thessalonikefs
adb4aeb609
- For #722 : Minor fixes, formatting and refactoring.
2023-05-01 18:23:13 +02:00
W.C.A. Wijngaards
70c2b587fc
- Fix RPZ IP responses with trigger rpz-drop on cache entries, that
...
they are dropped.
2023-05-01 09:26:17 +02:00
Philip Homburg
a50ddd7ab9
Changelog for #860
2023-04-26 17:15:59 +02:00
George Thessalonikefs
e1ec3cf893
Merge branch 'nat64' of https://github.com/eqvinox/unbound into eqvinox-nat64
2023-04-26 15:14:39 +02:00
W.C.A. Wijngaards
8058dc9127
- Fix for #882 : document variable to stop doxygen warning.
2023-04-26 14:07:33 +02:00
W.C.A. Wijngaards
144f29638c
- Fix for #882 : small changes, date updated in Copyright for
...
util/timeval_func.c and util/timeval_func.h. Man page entries and
example entry.
2023-04-26 13:49:33 +02:00
W.C.A. Wijngaards
fe46bc47d7
- Fix for #878 : Invalid IP address in unbound.conf causes Segmentation
...
Fault on OpenBSD.
2023-04-19 09:56:31 +02:00
W.C.A. Wijngaards
e11d206a82
Changelog entry for #875 and #874 .
...
- Merge #875 : change obsolete txt URL in unbound-anchor.c to point
to RFC 7958, and Fix #874 .
2023-04-14 11:19:25 +02:00
W.C.A. Wijngaards
d6c33e1757
- Fix build badge, from failing travis link to github ci action link.
2023-04-13 11:22:11 +02:00
W.C.A. Wijngaards
7033234a48
- Fix for #870 : Add test case for the qname minimisation and CNAME.
2023-04-06 10:04:04 +02:00
W.C.A. Wijngaards
c7618a9b80
- Fix #870 : NXDOMAIN instead of NOERROR rcode when asked for existing
...
CNAME record.
2023-04-04 10:06:16 +02:00
Philip Homburg
312035f58a
Changelog for issue #676
2023-03-24 14:54:14 +01:00
Philip Homburg
e850ca67f1
Changelog for issue #851
2023-03-21 13:54:27 +01:00
W.C.A. Wijngaards
8f83c0a2cb
- iana portlist update.
2023-03-20 14:55:55 +01:00
George Thessalonikefs
d7e7761141
- Fix #812 , fix #846 , by using the SSL_OP_IGNORE_UNEXPECTED_EOF option
...
to ignore the unexpected eof while reading in openssl >= 3.
2023-03-17 14:39:37 +01:00
W.C.A. Wijngaards
a97d7175a6
- Fix ssl.h include brackets, instead of quotes.
2023-03-16 15:40:43 +01:00
W.C.A. Wijngaards
4f25d75d4b
- Fix unbound-dnstap-socket test program to reply the finish frame
...
over a TLS connection correctly.
2023-03-14 16:57:37 +01:00
W.C.A. Wijngaards
d97c174f50
- Fix for #852 : Completion of error handling.
2023-02-23 13:38:29 +01:00
Philip Homburg
ed07c5424d
Changelog entry for issue #825
2023-02-21 09:29:39 +01:00
George Thessalonikefs
02a77f0567
Changelog entry for
...
- Clean up iterator/iterator.c::error_response_cache() and allow for
better interaction with serve-expired, prefetch and cached error
responses.
2023-02-10 16:54:44 +01:00
George Thessalonikefs
96c70d91ca
- Add testcase for refreshing expired error responses.
2023-02-09 12:44:01 +01:00
W.C.A. Wijngaards
488811157e
- Fix to git ignore the library symbol file that configure can create.
2023-02-09 12:08:27 +01:00
W.C.A. Wijngaards
e225e4bcab
- Fix consistency of unit test without roundrobin answers for the
...
cnametooptout unit test.
2023-02-09 11:46:33 +01:00
George Thessalonikefs
1c1c5d72d3
Changelog entry for
...
- Allow TTL refresh of expired error responses.
2023-02-09 10:52:56 +01:00
W.C.A. Wijngaards
a8977df4d9
- Fix unit tests for spurious empty messages.
2023-02-09 10:38:55 +01:00
W.C.A. Wijngaards
4953daa016
- Fix to ignore entirely empty responses, and try at another authority.
...
This turns completely empty responses, a type of noerror/nodata into
a servfail, but they do not conform to RFC2308, and the retry can
fetch improved content.
2023-02-09 09:56:40 +01:00
W.C.A. Wijngaards
5ab5b3b43a
- Fix #841 : Unbound won't build with aaaa-filter-iterator.patch.
2023-02-08 11:36:52 +01:00
George Thessalonikefs
24e6d1e18e
- Add duration variable for speed_local.test.
2023-01-30 11:33:58 +01:00
W.C.A. Wijngaards
c482999898
- Fix acx_nlnetlabs.m4 for -Wstrict-prototypes.
2023-01-26 10:54:38 +01:00
George Thessalonikefs
6bf677e7de
Fix #833 : [FR] Ability to set the Redis password.
2023-01-23 11:45:07 +01:00
W.C.A. Wijngaards
d666e9bd13
- Fix #835 : [FR] Ability to use Redis unix sockets.
2023-01-23 10:10:23 +01:00
W.C.A. Wijngaards
77f15428c9
- Add #835 : [FR] Ability to use Redis unix sockets.
2023-01-23 10:09:28 +01:00
W.C.A. Wijngaards
111e66ae64
Changelog note for #819 , generate configparser.c and comment syntax change.
...
- Merge #819 : Added new static zone type block_a to suppress all A
queries for specific zones.
2023-01-20 16:19:20 +01:00
Wouter Wijngaards
6a4a9435d1
Merge pull request #819 from pavel-odintsov/pavel/suppress_a
...
Added new static zone type block_a to suppress all A queries for specific zones
2023-01-20 16:18:05 +01:00
W.C.A. Wijngaards
6afdc336ba
- Fix test for new default.
2023-01-19 16:06:30 +01:00
W.C.A. Wijngaards
c9233f8429
- Set default for harden-unknown-additional to no. So that it does
...
not hamper future protocol developments.
2023-01-19 15:45:10 +01:00
W.C.A. Wijngaards
8df1e58209
- Add harden-unknown-additional option. Default on and it removes
...
unknown records from the authority section and additional section.
Thanks to Xiang Li, from NISL Lab, Tsinghua University.
2023-01-19 14:59:18 +01:00
W.C.A. Wijngaards
d69f875261
- Set max-udp-size default to 1232. This is the same default value as
...
the default value for edns-buffer-size. It restricts client edns
buffer size choices, and makes unbound behave similar to other DNS
resolvers. The new choice, down from 4096 means it is harder to get
large responses from Unbound. Thanks to Xiang Li, from NISL Lab,
Tsinghua University.
2023-01-19 14:16:17 +01:00
W.C.A. Wijngaards
b12ab31ae3
- Fix not following cleared RD flags potentially enables amplification
...
DDoS attacks, reported by Xiang Li and Wei Xu from NISL Lab,
Tsinghua University. The fix stops query loops, by refusing to send
RD=0 queries to a forwarder, they still get answered from cache.
2023-01-18 13:18:47 +01:00
W.C.A. Wijngaards
90d42148de
- Improve documentation for #826 , describe the large collisions amount.
2023-01-13 11:22:47 +01:00
W.C.A. Wijngaards
469133e8df
Changelog note and documentation for #826
...
- Merge #826 : Аdd a metric about the maximum number of collisions in
lrushah.
2023-01-13 11:01:46 +01:00
W.C.A. Wijngaards
aa621f1c04
Code repository continues with version 1.17.2.
2023-01-12 10:21:28 +01:00
W.C.A. Wijngaards
0fed35a4b7
- Fix python version detection in configure.
2023-01-09 15:10:00 +01:00
W.C.A. Wijngaards
4517dcd439
- Fix python module install path detection.
2023-01-09 15:03:38 +01:00
W.C.A. Wijngaards
c5c4f6d40b
Changelog note for 1.17.1rc2 fix.
...
- Fix wildcard in hyperlocal zone service degradation, reported
by Sergey Kacheev. This fix is included in 1.17.1rc2.
2023-01-06 13:23:02 +01:00
W.C.A. Wijngaards
ba6325f24f
- Fix #823 : Response change to NODATA for some ANY queries since
...
1.12, tested on 1.16.1.
2023-01-06 09:16:59 +01:00
W.C.A. Wijngaards
2025946247
Changelog note for tag for 1.17.1rc1.
...
- Tag for 1.17.1 release.
2023-01-05 11:06:07 +01:00
Pavel Odintsov
d5b9a790fe
Added new static zone type block_a to suppress all A queries for specific zones
2023-01-03 19:17:51 +00:00
W.C.A. Wijngaards
70260273a4
- Update github workflows to use checkout v3.
2023-01-02 13:30:03 +01:00
W.C.A. Wijngaards
1224cd9d25
- Fix windows compile for libunbound subprocess reap comm point closes.
2023-01-02 13:06:39 +01:00
George Thessalonikefs
0682d4371e
- Merge #569 from JINMEI Tatuya: add keep-cache option to
...
'unbound-control reload' to keep caches.
2022-12-14 16:40:00 +01:00
George Thessalonikefs
7716d26d46
- Use an explicit 'reload_keep_cache' command and introduce test cases
...
for #569 .
2022-12-14 16:33:28 +01:00
George Thessalonikefs
af2ef61c49
- Merge #461 from Christian Allred: Add max-query-restarts option.
2022-12-13 15:54:51 +01:00
George Thessalonikefs
df411b3f28
- Updates for #461 (Add max-query-restarts option).
2022-12-13 15:29:22 +01:00
George Thessalonikefs
71db243b0d
Merge branch 'restart_conf' of https://github.com/cgallred/unbound into cgallred-restart_conf
2022-12-13 14:35:01 +01:00
George Thessalonikefs
67cf625608
Merge branch 'master' of github.com:NLnetLabs/unbound
2022-12-13 13:59:42 +01:00
George Thessalonikefs
c61b2121b5
- Expose 'max-sent-count' as a configuration option; the
...
default value retains Unbound's behavior.
2022-12-13 13:57:07 +01:00
George Thessalonikefs
859d0f2dfe
- Expose 'statistics-inhibit-zero' as a configuration option; the
...
default value retains Unbound's behavior.
2022-12-13 10:47:37 +01:00
W.C.A. Wijngaards
1a2e6aabac
- Fix to wrap Makefile scripts directory in quotes for uninstall.
2022-12-13 09:03:52 +01:00
W.C.A. Wijngaards
726aa5b0f5
Changelog note for #808
...
- Merge #808 : Wrap Makefile script's directory variables in quotes.
2022-12-13 08:53:44 +01:00
W.C.A. Wijngaards
6b8642b662
Fix date.
2022-12-01 13:05:02 +01:00
W.C.A. Wijngaards
5c041c0ba9
- Fix #773 : When used with systemd-networkd, unbound does not start
...
until systemd-networkd-wait-online.service times out.
2022-12-01 13:04:05 +01:00
George Thessalonikefs
d7a9def160
- Clear documentation for interactivity between the subnet module and
...
the serve-expired and prefetch configuration options.
2022-11-30 14:45:36 +01:00
George Thessalonikefs
ef8111ece7
Merge branch 'master' of github.com:NLnetLabs/unbound
2022-11-30 14:34:00 +01:00
George Thessalonikefs
90f6cb1158
- Add SVCB and HTTPS to the types removed by 'unbound-control flush'.
2022-11-30 14:33:16 +01:00
W.C.A. Wijngaards
effbf99281
- Fix #782 : Segmentation fault in stats.c:404.
2022-11-30 10:18:27 +01:00
Philip Homburg
81861aee05
Changelog entry for #720
2022-11-29 16:20:52 +01:00
W.C.A. Wijngaards
6f7da59b77
- Fix for the ignore of tcp events for closed comm points, preserve
...
the use after free protection features.
2022-11-28 10:04:52 +01:00
George Thessalonikefs
896f7a8306
- Ignore expired error responses.
2022-11-22 17:44:55 +01:00
W.C.A. Wijngaards
f72116883b
- Fix #779 : [doc] Missing documention in ub_resolve_event() for
...
callback parameter was_ratelimited.
2022-11-11 11:28:15 +01:00
George Thessalonikefs
4e305e644b
- Complementary fix for distutils.sysconfig deprecation in Python 3.10
...
to commit 62c5039ab9 .
2022-11-09 11:41:28 +01:00
W.C.A. Wijngaards
89d9b25090
- iana portlist update.
2022-11-08 15:24:24 +01:00
W.C.A. Wijngaards
dda1d9544c
- Fix #775 : libunbound: subprocess reap causes parent process reap
...
to hang.
2022-11-08 15:04:05 +01:00
W.C.A. Wijngaards
52a9e6268e
- Fix to make sure to not read again after a tcp comm point is closed.
2022-11-08 13:23:44 +01:00
W.C.A. Wijngaards
8367b24bc5
- Fix to ignore tcp events for closed comm points.
2022-11-08 12:02:48 +01:00
Willem Toorop
8df26b132b
Merge branch 'master' into devel/merge-master-into-downstream-cookies
2022-11-07 17:09:20 +00:00
David Lamparter
64fb06f892
NAT64 support
...
This implements #721 . Includes documentation and some very basic tests.
Please refer to doc for further detail.
2022-11-07 11:37:50 +00:00
George Thessalonikefs
f531faf163
Changelog entry for #767
...
- Merge #767 from jonathangray: consistently use IPv4/IPv6 in
unbound.conf.5.
2022-10-21 15:49:56 +02:00
Yorgos Thessalonikefs
c0c9acccfd
Merge pull request #767 from jonathangray/man
...
consistently use IPv4/IPv6 in unbound.conf.5
2022-10-21 15:46:45 +02:00
W.C.A. Wijngaards
17e5dd6131
- Fix that cachedb does not store failures in the external cache.
2022-10-21 10:11:47 +02:00
George Thessalonikefs
e9107907e5
- Clarify the use of MAX_SENT_COUNT in the iterator code.
2022-10-18 12:29:07 +02:00
W.C.A. Wijngaards
ba8642aeb7
- testcode/dohclient sets log identity to its name.
2022-10-17 16:00:43 +02:00
W.C.A. Wijngaards
5ffa4d7232
- In unit test, print python script name list correctly.
2022-10-14 16:49:57 +02:00
W.C.A. Wijngaards
2571d00535
Changelog note for #768
...
- Merge #768 from fobser: Arithmetic on a pointer to void is a GNU
extension.
2022-10-14 16:22:17 +02:00
W.C.A. Wijngaards
5ac1bc13cb
- Tag for 1.17.0 release. The code repository continues with 1.17.1.
2022-10-13 09:34:44 +02:00
W.C.A. Wijngaards
f5e1ef650d
Merge branch 'branch-1.17.0'
2022-10-13 09:32:22 +02:00
George Thessalonikefs
d25e0cd9b0
- Fix PROXYv2 header read for TCP connections when no proxied addresses
...
are provided.
2022-10-11 17:39:30 +02:00
Jonathan Gray
4f27799456
consistently use IPv4/IPv6
2022-10-10 19:14:58 +11:00
W.C.A. Wijngaards
97d1cff315
Changelog note for tag for 1.17.0rc1 release.
2022-10-07 13:29:33 +02:00
George Thessalonikefs
a4631a3ecf
- Fix unit test to properly test the reuse_write_wait_pop function.
2022-10-07 11:29:46 +02:00
George Thessalonikefs
2569b12b9c
- Fix to stop possible loops in the tcp reuse code (write_wait list
...
and tcp_wait list). Based on analysis and patch from Prad Seniappan
and Karthik Umashankar.
2022-10-07 11:25:36 +02:00
W.C.A. Wijngaards
bf1cce6f9b
- Fix proxy length debug output printout typecasts.
2022-10-06 15:53:21 +02:00
W.C.A. Wijngaards
b043bc5eb4
- Fix to stop responses with TC flag from resulting in partial
...
responses. It retries to fetch the data elsewhere, or fails the
query and in depth fix removes the TC flag from the cached item.
2022-10-06 10:01:09 +02:00
George Thessalonikefs
d122617dd4
- Fix checkconf test for dnscrypt and proxy port.
2022-10-05 22:03:01 +02:00
W.C.A. Wijngaards
6b8181acb7
- Fix dnscrypt compile for proxy protocol code changes.
2022-10-05 14:09:12 +02:00
George Thessalonikefs
f609a45354
- Make ede.tdir test more predictable by using static data.
2022-10-05 02:44:50 +02:00
George Thessalonikefs
60db1111c0
- Use DEBUG_TDIR from environment in mini_tdir.sh for debugging.
...
- Fix string comparison in mini_tdir.sh.
2022-10-05 01:13:29 +02:00
George Thessalonikefs
40b2b3a6f3
Changelog entry for #764
...
- Merge #764 : Leniency for target discovery when under load (for
NRDelegation changes).
2022-10-04 22:24:18 +02:00
W.C.A. Wijngaards
f0614a57f8
- Fix to clean up after the acl_interface unit test.
2022-10-04 16:59:10 +02:00
W.C.A. Wijngaards
bf7a2884fb
- Fix static analysis report to remove dead code from the
...
rpz_callback_from_iterator_module function.
2022-10-04 09:08:11 +02:00
W.C.A. Wijngaards
c0eaadfc42
- Fix to close errno block in comm_point_tcp_handle_read outside of
...
ifdef.
2022-10-03 16:21:39 +02:00
George Thessalonikefs
22e43aa631
Changelog entry for #760
...
- Merge #760 : PROXYv2 downstream support. (New proxy-protocol-port
configuration option).
2022-10-03 15:34:22 +02:00
Yorgos Thessalonikefs
c4e51a4cfe
PROXYv2 downstream support ( #760 )
2022-10-03 15:29:47 +02:00
W.C.A. Wijngaards
7d96a7e3fe
- Fix windows compile, the identifier interface is defined in headers.
2022-10-03 15:03:50 +02:00
W.C.A. Wijngaards
9842fbf760
- Fix test tdir skip report printout.
2022-10-03 10:26:30 +02:00
W.C.A. Wijngaards
a102fb1df8
- Fix to remove erroneous TC flag from TCP upstream.
2022-10-03 09:53:41 +02:00
Willem Toorop
75f3fbdd65
Downstream DNS Cookies a la RFC7873 and RFC9018
...
Create server cookies for clients that send client cookies.
Needs to be turned on in the config file with:
answer-cookie: yes
A cookie-secret can be configured for anycast setups.
Also adds an access control list that will allow queries with
either a valid cookie or over a stateful transport.
2022-09-28 10:28:19 +02:00
George Thessalonikefs
5b98816751
- Better output for skipped tdir tests.
2022-09-26 15:51:28 +02:00
W.C.A. Wijngaards
e93c75a5d4
- Fix doxygen warning in respip.h.
2022-09-21 15:23:04 +02:00
W.C.A. Wijngaards
8e18f11965
- This patch was released in 1.16.3, the code repository continues
...
with the previous features and fixes for 1.17.0.
2022-09-21 12:16:13 +02:00
W.C.A. Wijngaards
e3871ca907
Merge branch 'branch-1.16.3'
2022-09-21 12:11:26 +02:00
W.C.A. Wijngaards
137719522a
- Patch for CVE-2022-3204 Non-Responsive Delegation Attack.
2022-09-21 11:10:38 +02:00
George Thessalonikefs
99e12ae4b5
- Remove unused testcode/mini_tpkg.sh file.
2022-09-20 14:47:24 +02:00
George Thessalonikefs
9b1647ebae
- Convert tdir tests to use the new skip_test functionality.
2022-09-20 14:45:20 +02:00
George Thessalonikefs
307805b64f
Changelog entry for #753 :
...
- Merge #753 : ACL per interface. (New interface-* configuration
options).
2022-09-20 11:36:01 +02:00
George Thessalonikefs
aec33b3d63
Documentation for interface-* options.
2022-09-11 20:21:32 +02:00
George Thessalonikefs
c30bdff939
Initial commit for interface based ACL.
2022-09-11 20:21:32 +02:00
W.C.A. Wijngaards
007db2c327
- Fix to check pthread_t size after pthread has been detected.
2022-09-02 10:21:00 +02:00
W.C.A. Wijngaards
5bbaf78c3f
- Remove include that was there for debug purposes.
2022-09-02 10:11:23 +02:00
W.C.A. Wijngaards
57230d7f22
- Fix to log a verbose message at operational notice level if a
...
thread is not responding, to stats requests. It is logged with
thread identifiers.
2022-09-01 15:14:20 +02:00
W.C.A. Wijngaards
d66e1cccf8
- Fix to set out of file descriptor warning to operational verbosity.
2022-09-01 14:01:56 +02:00
W.C.A. Wijngaards
2450b4653a
- Slow down log frequency of write wait failures.
2022-09-01 14:00:29 +02:00
W.C.A. Wijngaards
eb3378396f
- Fix to update config tests to fix checking if nonblocking sockets
...
work on OpenBSD.
2022-09-01 09:16:05 +02:00
W.C.A. Wijngaards
1f5cc25974
- Fix for wait for udp send to stop when packet is successfully sent.
2022-08-31 16:45:15 +02:00
W.C.A. Wijngaards
ec5812a748
- Fix to wait for blocked write on UDP sockets, with a timeout if it
...
takes too long the packet is dropped.
2022-08-31 11:54:11 +02:00
W.C.A. Wijngaards
10a5a5880a
- Patch from Vadim Fedorenko that adds MSG_DONTWAIT to receive
...
operations, so that instruction reordering does not cause mistakenly
blocking socket operations.
2022-08-31 10:11:25 +02:00
W.C.A. Wijngaards
2fa1c17cd9
- Fix to avoid process wide fcntl calls mixed with nonblocking
...
operations after a blocked write.
2022-08-31 10:09:39 +02:00
W.C.A. Wijngaards
e6f878ee71
- Fix #741 : systemd socket activation fails on IPv6.
2022-08-22 09:12:08 +02:00
W.C.A. Wijngaards
dc6c04b243
- Fix to log accept error ENFILE and EMFILE errno, but slowly, once
...
per 10 seconds. Also log accept failures when no slow down is used.
2022-08-12 09:54:29 +02:00
W.C.A. Wijngaards
ef57f8bd51
- Fix #734 [FR] enable unbound-checkconf to detect more (basic)
...
errors.
2022-08-05 14:41:05 +02:00
W.C.A. Wijngaards
fbe8e3b0b2
- Fix ratelimit inconsistency, for ip-ratelimits the value is the
...
amount allowed, like for ratelimits.
2022-08-04 11:33:37 +02:00
W.C.A. Wijngaards
1c164ab442
Changelog note for #730
...
- Merge #730 from luisdallos: Fix startup failure on Windows 8.1 due
to unsupported IPV6_USER_MTU socket option being set.
2022-08-02 16:12:31 +02:00
W.C.A. Wijngaards
07b073ddb3
- Fix unittest for edns subnet change.
2022-08-02 14:43:57 +02:00
W.C.A. Wijngaards
0f08cc6d55
- Fix edns subnet so that scope 0 answers only match sourcemask 0
...
queries for answers from cache if from a query with sourcemask 0.
2022-08-02 14:13:55 +02:00
W.C.A. Wijngaards
cd22fdc28d
- Fix #728 : alloc_reg_obtain() core dump. Stop double
...
alloc_reg_release when serviced_create fails.
2022-08-01 16:45:41 +02:00
W.C.A. Wijngaards
5ae48f85c0
- The code repo continues with 1.16.3.
2022-08-01 15:17:10 +02:00
W.C.A. Wijngaards
cbed768b8f
- Tests for ghost domain fixes.
2022-08-01 13:26:22 +02:00
W.C.A. Wijngaards
f6753a0f10
- Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
2022-08-01 13:24:40 +02:00
W.C.A. Wijngaards
f993ffbb07
Changelog note for #718
...
- Merge #718 : Introduce infra-cache-max-rtt option to config max
retransmit timeout.
2022-07-19 15:19:12 +02:00
Wouter Wijngaards
ef9bb0213b
Merge pull request #718 from hunts/make_rtt_max_timeout_configurable
...
Introduce infra-cache-max-rtt option to config max retransmit timeout
2022-07-19 15:15:34 +02:00
George Thessalonikefs
309e23515e
- Update documentation for 'outbound-msg-retry:'.
2022-07-19 12:47:01 +02:00
Minghang Chen
249efd4285
Introduce infra-cache-max-rtt option to config max retransmit timeout
...
Added the option and let it default to 120 seconds so that it won't change
current behavior.
Related-to #717
2022-07-16 01:46:18 -07:00
W.C.A. Wijngaards
12cd495d55
- iana portlist update.
2022-07-15 09:20:25 +02:00
W.C.A. Wijngaards
33bd49af81
- Merge PR 714: Avoid treat normal hosts as unresponsive servers.
...
And fixup the lock code.
2022-07-15 08:51:31 +02:00
George Thessalonikefs
9e4a17baaf
- For windows crosscompile, fix setting the IPV6_MTU socket option
...
equivalent (IPV6_USER_MTU); allows cross compiling with latest
cross-compiler versions.
2022-07-12 17:17:59 +02:00
W.C.A. Wijngaards
2abd6f7d58
- Fix dname count in sldns parse type descriptor for SVCB and HTTPS.
2022-07-12 13:29:51 +02:00
W.C.A. Wijngaards
7696398231
- Fix verbose EDE error printout.
2022-07-11 13:13:51 +02:00
W.C.A. Wijngaards
a45ced7739
- This became 1.16.1 on 11 July 2022.
...
The code repo continues with version 1.16.2 under development.
2022-07-11 11:34:54 +02:00
W.C.A. Wijngaards
903538c76e
- Tag for 1.16.1rc1 release.
2022-07-04 13:48:56 +02:00
George Thessalonikefs
d447d60fc6
Merge branch 'crrodriguez-IP_BIND_ADDRESS_NO_PORT'
2022-07-04 12:49:00 +02:00
George Thessalonikefs
eda0c0c194
- Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for
...
one loop pass'.
2022-07-04 09:34:45 +02:00
George Thessalonikefs
309b1d368b
- Reintroduce documentation and more EDE support for
...
val_sigcrypt.c::dnskeyset_verify_rrset_sig.
2022-07-04 00:06:26 +02:00
George Thessalonikefs
c513119bba
- Improve val_sigcrypt.c::algo_needs_missing for one loop pass.
2022-07-03 23:32:18 +02:00
George Thessalonikefs
a30286502c
- Fix for correct openssl error when adding windows CA certificates to
...
the openssl trust store.
2022-07-03 22:41:39 +02:00
George Thessalonikefs
317bab9f1d
For #660 : formatting, less verbose logging, add EDE information.
2022-07-03 22:32:56 +02:00
George Thessalonikefs
2fba248ebe
Changelog entry for #660
...
- Merge PR #660 from Petr Menšík: Sha1 runtime insecure.
2022-07-03 22:28:17 +02:00
George Thessalonikefs
24cb764d61
- Add missing changelog entries from PR #706 .
2022-07-03 22:21:56 +02:00
George Thessalonikefs
cb28bdcdb0
Changelog entry for #671 :
...
- Merge PR #671 from Petr Menšík: Disable ED25519 and ED448 in FIPS
mode on openssl3.
2022-07-03 22:08:47 +02:00
Yorgos Thessalonikefs
b0ce31b4e4
Merge pull request #706 from NLnetLabs/nxns-fallback
...
NXNS fallback
2022-07-01 16:24:33 +02:00
George Thessalonikefs
923eb7d474
- Allow fallback to the parent side when MAX_TARGET_NX is reached.
...
This will also allow MAX_TARGET_NX more NXDOMAINs.
2022-06-29 17:32:29 +02:00
George Thessalonikefs
58b21e4fca
- Fix to not count cached NXDOMAIN for MAX_TARGET_NX.
2022-06-29 17:26:09 +02:00
W.C.A. Wijngaards
c8add463c4
- Fix compile warning for windows compile.
2022-06-29 12:00:44 +02:00
W.C.A. Wijngaards
203f606c38
- Fix detection of libz on windows compile with static option.
2022-06-29 11:41:20 +02:00
George Thessalonikefs
b816318106
- Fix #704 : [FR] Statistics counter for number of outgoing UDP queries
...
sent; introduces 'num.query.udpout' to the 'unbound-control stats'
command.
2022-06-29 10:51:54 +02:00
George Thessalonikefs
1ceb031b58
- Add debug option to the mini_tdir.sh test code.
2022-06-29 10:47:18 +02:00
George Thessalonikefs
352e1b28a1
Merge branch 'master' of github.com:NLnetLabs/unbound
2022-06-29 10:44:43 +02:00
W.C.A. Wijngaards
80dbc7dd2c
- iana portlist update.
2022-06-29 09:38:31 +02:00
George Thessalonikefs
12796d0af8
- Fix for cached 0 TTL records to not trigger prefetching when
...
serve-expired-client-timeout is set.
2022-06-28 17:05:28 +02:00
W.C.A. Wijngaards
b057d2127a
- Fix test program dohclient close to use portability routine.
2022-06-28 09:23:43 +02:00
George Thessalonikefs
9177867d07
- Show the output of the exact .rpl run that failed with 'make test'.
2022-06-28 00:22:30 +02:00
tcarpay
9e6b838d0b
Update changelog with #705 change
2022-06-23 17:21:17 +02:00
tcarpay
12552fddf0
clarify addition of verbosity level mentioned in #705
2022-06-23 15:00:48 +02:00
Philip Homburg
3bade62c8a
Fix use after free issue with edns options ( https://github.com/NLnetLabs/unbound/issues/663 )
2022-06-22 15:00:28 +02:00
Philip Homburg
c806b5a2df
Merge branch 'zone-parsers-blank-line-issue'
2022-06-21 15:32:35 +02:00
Philip Homburg
7f67f7118c
Change log entry for lines with blanks issue
2022-06-21 15:30:04 +02:00
George Thessalonikefs
7c9177095f
- Remove unused LDNS function check for GOST Engine unloading.
2022-06-20 16:27:15 +02:00
George Thessalonikefs
233cb5c218
- Note in the unbound.conf text that NOTIFY is allowed from the url:
...
addresses for auth and rpz zones.
2022-06-14 17:59:56 +02:00
George Thessalonikefs
e6a0afae73
Changelog entry for #688
...
- Merge PR #688 : Rpz url notify issue.
2022-06-14 17:56:23 +02:00
George Thessalonikefs
459b73018f
- Fix for edns client subnet to respect not looking in its cache when
...
instructed to do so (e.g., prefetch).
2022-06-03 16:11:35 +02:00
W.C.A. Wijngaards
97b7224885
- makedist.sh picks up 32bit libssp-0.dll when 32bit compile.
2022-06-03 15:18:27 +02:00
W.C.A. Wijngaards
a3ab0921b0
Continue with 1.16.1 under development.
2022-06-02 13:56:52 +02:00
W.C.A. Wijngaards
edc1d07718
- Version is set to 1.16.0 for release. Release tag 1.16.0rc1.
2022-05-27 16:09:28 +02:00
W.C.A. Wijngaards
2d61706171
- Fix #684 : [FTBS] configure script error with libmnl on openSUSE 15.3 (and possibly other distributions)
2022-05-27 09:10:16 +02:00
W.C.A. Wijngaards
11d077c826
- Fix some lint type warnings.
2022-05-20 15:32:27 +02:00
W.C.A. Wijngaards
d19d7b81ec
- Fix ede test to not use default pidfile, and use local interface.
2022-05-20 15:14:11 +02:00
W.C.A. Wijngaards
714200ad0e
- Fix to silence test for ede error output to the console from the
...
test setup script.
2022-05-20 09:08:29 +02:00
George Thessalonikefs
7e506bb477
- Fix typos in config_set_option for the 'num-threads' and
...
'ede-serve-expired' options.
2022-05-18 19:56:26 +03:00
George Thessalonikefs
f73e548934
- Fix #678 : [FR] modify behaviour of unbound-control rpz_enable zone,
...
by updating unbound-control's documentation.
2022-05-15 22:53:17 +03:00
W.C.A. Wijngaards
e62b309959
- For #677 : Added tls-system-cert to config parser and documentation.
...
- Changelog note for #677 .
2022-05-12 16:30:19 +02:00
George Thessalonikefs
daf316ea1b
- Fix #417 : prefetch and ECS causing cache corruption when used
...
together.
2022-05-12 00:56:01 +02:00
W.C.A. Wijngaards
f0d91950ad
- Fix #673 : DNS over TLS: error: SSL_handshake syscall: No route to
...
host.
2022-05-11 17:10:42 +02:00
George Thessalonikefs
77149fc2aa
- Fix Python build in non-source directory; based on patch by
...
Michael Tokarev.
2022-05-10 15:57:17 +02:00
tcarpay
47ce372f13
Changelog entry for #604 : Add the basic EDE (RFC8914) cases
2022-05-06 12:53:49 +02:00
tcarpay
0ce36e8289
Add the basic EDE (RFC8914) cases ( #604 )
2022-05-06 12:48:53 +02:00
W.C.A. Wijngaards
b61b0af5d6
- Fix #670 : SERVFAIL problems with unbound 1.15.0 running on
...
OpenBSD 7.1.
2022-04-28 14:51:47 +02:00
Christian Allred
d19e12ab5d
Merge branch 'master' of https://github.com/NLnetLabs/unbound into restart_conf
2022-04-18 12:16:40 -07:00
W.C.A. Wijngaards
1289c53c1a
- Fix zonemd unsupported algo check to set reason to NULL before the
...
check routine, but after malformed checks, to get the correct NULL
output when the digest matches.
2022-04-08 11:19:40 +02:00
W.C.A. Wijngaards
d02e83ae2b
- Fix zonemd unsupported algo check to print unsupported reason before
...
zeroing it.
2022-04-08 11:10:11 +02:00
W.C.A. Wijngaards
8f2847ba69
- Fix zonemd unsupported algo check reason to not copy to next record,
...
and check for success for debug printout.
2022-04-08 10:54:57 +02:00
W.C.A. Wijngaards
730a03e9bd
- Fix zonemd unsupported algo check.
2022-04-08 09:36:01 +02:00
W.C.A. Wijngaards
e4ca71e85b
- Fix zonemd check to allow unsupported algorithms to load.
...
If there are only unsupported algorithms, or unsupported schemes,
and no failed or successful other ZONEMD records, or malformed
or bad ZONEMD records, the unsupported records allow the zone load.
2022-04-08 09:29:37 +02:00
W.C.A. Wijngaards
8f8a8a341a
- Fix spelling error in comment in sldns_str2wire_svcparam_key_lookup.
2022-03-25 16:07:23 +01:00
W.C.A. Wijngaards
722391baf1
- Fix #651 : [FR] Better logging for refused queries.
2022-03-23 13:56:52 +01:00
George Thessalonikefs
1e23c4a376
Merge PR #648 from eaglegai: fix -q doesn't work when use with
...
'unbound-control stats_shm'
2022-03-18 16:03:35 +02:00
W.C.A. Wijngaards
9484ddee2e
- Fix to describe auth-zone and other configuration at the local-zone
...
configuration option, to allow for more broadly view of the options.
2022-03-17 14:24:37 +01:00
W.C.A. Wijngaards
402135b41a
- Fix to ensure uniform handling of spaces and tabs when parsing RRs.
2022-03-16 09:54:53 +01:00
W.C.A. Wijngaards
b0dbfa37f9
Changelog note for #644 , move commands together for library binary.
2022-03-09 09:43:07 +01:00
W.C.A. Wijngaards
62c5039ab9
- Fix configure for python to use sysutils, because distutils is
...
deprecated. It uses sysutils when available, distutils otherwise.
2022-03-07 14:02:31 +01:00
W.C.A. Wijngaards
b202b0874c
- Fix for #637 : fix integer overflow checks in sldns_str2period.
2022-03-03 16:24:46 +01:00
W.C.A. Wijngaards
debe5c665f
- Fix #637 : Integer Overflow in sldns_str2period function.
2022-03-03 14:19:59 +01:00
W.C.A. Wijngaards
f81420d77f
- Fix compile warnings for printf ll format on mingw compile.
2022-03-02 14:34:36 +01:00
George Thessalonikefs
b8e7dfa01e
- Various fixes for #632 : variable initialisation, convert the qinfo
...
to str once, accept trailing dot in the local-zone ipset option.
2022-03-02 14:29:56 +01:00
George Thessalonikefs
f7ca447368
Changelog entry for #632
...
- Merge PR #632 from scottrw93: Match cnames in ipset.
2022-03-02 13:22:17 +01:00
W.C.A. Wijngaards
99a3f5ee85
- Fix pythonmod for change in iter_dp_is_useless function prototype.
2022-03-01 10:27:24 +01:00
W.C.A. Wijngaards
7749d98a14
- Fix for edns client subnet option add fix in removal code, from review.
2022-02-28 14:51:35 +01:00
W.C.A. Wijngaards
8e8ccfe3c3
- Fix edns client subnet to add the option based on the option list,
...
so that it is not state dependent, after the state fix of #605 for
double EDNS options.
2022-02-28 14:39:48 +01:00
George Thessalonikefs
ad158ed5cc
Changelog entry for #623 :
...
- Merge #623 from rex4539: Fix typos.
2022-02-28 12:37:59 +01:00
George Thessalonikefs
82adcfb971
- Fix #630 : Unify the RPZ log messages.
2022-02-28 12:07:25 +01:00
W.C.A. Wijngaards
6e64356175
- Fix for #633 : updated fix with new text.
2022-02-28 09:56:30 +01:00
W.C.A. Wijngaards
e11cf2d964
- Fix #633 : Document unix domain socket support for unbound-control.
2022-02-28 09:39:33 +01:00
W.C.A. Wijngaards
c084c27b39
- Fix check interface existence for support detection in remote lookup.
2022-02-25 15:24:40 +01:00