upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
4518 commits 23 branches 209 tags 123 MiB
Commit graph

3083 commits

Author SHA1 Message Date
Wouter Wijngaards
ccf1ff8f02 - local-zone noview can be used to break out of the view to the 
global local zone contents, for queries for that zone.


git-svn-id: file:///svn/unbound/trunk@4540 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-19 12:13:23 +00:00
Wouter Wijngaards
76eee77b08 - Fix #3505: Documentation for default local zones references 
wrong RFC.


git-svn-id: file:///svn/unbound/trunk@4539 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-19 08:43:23 +00:00
Wouter Wijngaards
5b7942d197 - Fixes for clang static analyzer, the missing ; in 
edns-subnet/addrtree.c after the assert made clang analyzer
  produce a failure to analyze it.


git-svn-id: file:///svn/unbound/trunk@4538 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-16 10:31:48 +00:00
Ralph Dolmans
a5df3a131e - Aggressive NSEC tests 
git-svn-id: file:///svn/unbound/trunk@4537 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 14:40:29 +00:00
Wouter Wijngaards
b32284af57 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:31 +00:00
Wouter Wijngaards
54bd1fdd62 - tls-cert-bundle option in unbound.conf enables TLS authentication. 
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:09 +00:00
Wouter Wijngaards
da961fd840 - Unit test for auth zone https url download. 
git-svn-id: file:///svn/unbound/trunk@4531 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-12 15:40:05 +00:00
Ralph Dolmans
0648475a66 - Processed aggressive NSEC code review remarks Wouter 
git-svn-id: file:///svn/unbound/trunk@4529 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-12 12:14:01 +00:00
Ralph Dolmans
eff62cecac - Added tests with wildcard expanded NSEC records (CVE-2017-15105 test) 
git-svn-id: file:///svn/unbound/trunk@4528 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-12 11:39:03 +00:00
Wouter Wijngaards
d19f3c8c07 - auth zone url config. 
git-svn-id: file:///svn/unbound/trunk@4525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 16:11:27 +00:00
Ralph Dolmans
77f78152ee - Aggressive use of NSEC implementation. Use cached NSEC records to generate 
NXDOMAIN, NODATA and positive wildcard answers.


git-svn-id: file:///svn/unbound/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 13:16:36 +00:00
Wouter Wijngaards
48bd83f3b4 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4519 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 10:14:34 +00:00
Wouter Wijngaards
a1b7abfb9f - auth-zone provides a way to configure RFC7706 from unbound.conf, 
eg. with auth-zone: name: "." for-downstream: no for-upstream: yes
  fallback-enabled: yes and masters or a zonefile with data.


git-svn-id: file:///svn/unbound/trunk@4510 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-05 14:21:46 +00:00
Wouter Wijngaards
bf6f33ceaf - Fix #3451: dnstap not building when you have a separate build dir. 
And removed protoc warning, set dnstap.proto syntax to proto2.


git-svn-id: file:///svn/unbound/trunk@4508 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-05 12:14:51 +00:00
Wouter Wijngaards
632ea0d02e - lock subnet new item before insertion to please checklocks, 
no modification of critical regions outside of lock region.


git-svn-id: file:///svn/unbound/trunk@4497 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 10:52:44 +00:00
Wouter Wijngaards
cb28d35bd2 - Fix lock race condition in dns cache dname synthesis. 
git-svn-id: file:///svn/unbound/trunk@4495 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 10:33:19 +00:00
Wouter Wijngaards
004609b5a7 - unit test with valgrind 
git-svn-id: file:///svn/unbound/trunk@4494 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 09:52:52 +00:00
Wouter Wijngaards
30891d6fff - Fix unfreed locks in log and arc4random at exit of unbound. 
git-svn-id: file:///svn/unbound/trunk@4491 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 09:27:16 +00:00
Wouter Wijngaards
8605797002 - fix unaligned structure making a false positive in checklock 
unitialised memory.


git-svn-id: file:///svn/unbound/trunk@4490 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 15:55:48 +00:00
Ralph Dolmans
b9f4ff6e9f - Use NSEC with longest ce to prove wildcard absence. 
- Only use *.ce to prove wildcard absence, no longer names.


git-svn-id: file:///svn/unbound/trunk@4460 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-29 13:46:57 +00:00
Wouter Wijngaards
ec179380f4 - ltrace.conf file for libunbound in contrib. 
git-svn-id: file:///svn/unbound/trunk@4449 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-25 09:31:49 +00:00
Wouter Wijngaards
7eddb38162 - Print fatal errors about remote control setup before log init, 
so that it is printed to console.


git-svn-id: file:///svn/unbound/trunk@4448 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-23 15:59:18 +00:00
Wouter Wijngaards
c54dfcade9 - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file 
for startup scripts to get the full pathname(s) of anchor file(s).


git-svn-id: file:///svn/unbound/trunk@4447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-23 14:20:17 +00:00
Wouter Wijngaards
859ca7db68 - Fix #3397: Fix that when the cache contains an unsigned DNAME in 
the middle of a cname chain, a result without the DNAME could
  be returned.


git-svn-id: file:///svn/unbound/trunk@4446 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 14:30:16 +00:00
Wouter Wijngaards
df6fbb82be - Fix #3397: Fix that cachedb could return a partial CNAME chain. 
git-svn-id: file:///svn/unbound/trunk@4445 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 13:54:20 +00:00
Wouter Wijngaards
4b4b1eec8b - Accept tls-upstream in unbound.conf, the ssl-upstream keyword is 
also recognized and means the same.  Also for tls-port,
  tls-service-key, tls-service-pem, stub-tls-upstream and
  forward-tls-upstream.


git-svn-id: file:///svn/unbound/trunk@4444 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 08:35:44 +00:00
Wouter Wijngaards
d759fdd457 - make depend: code dependencies updated in Makefile. 
git-svn-id: file:///svn/unbound/trunk@4443 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:52:40 +00:00
Wouter Wijngaards
fa57a0fbac - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4442 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:51:50 +00:00
Wouter Wijngaards
2a6250e3fb - patch for CVE-2017-15105: vulnerability in the processing of 
wildcard synthesized NSEC records.


git-svn-id: file:///svn/unbound/trunk@4441 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:50:35 +00:00
Wouter Wijngaards
be26349e37 - trunk has 1.6.9 with fix and previous commits. 
git-svn-id: file:///svn/unbound/trunk@4440 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:49:32 +00:00
Ralph Dolmans
b2943670ca - Copy query and correctly set flags on REFUSED answers when cache snooping is 
not allowed.


git-svn-id: file:///svn/unbound/trunk@4436 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-04 15:16:19 +00:00
Ralph Dolmans
0df528cc9e - Fix queries being leaked above stub when refetching glue. 
git-svn-id: file:///svn/unbound/trunk@4434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 16:54:22 +00:00
Wouter Wijngaards
44eb7bfd25 - Remove clang optimizer disable, 
Fix that expiration date checks don't fail with clang -O2.


git-svn-id: file:///svn/unbound/trunk@4431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 10:48:00 +00:00
Wouter Wijngaards
6cb75924d9 - Fix that DS queries with referral replies are answered straight 
away, without a repeat query picking the DS from cache.
  The correct reply should have been an answer, the reply is fixed
  by the scrubber to have the answer in the answer section.


git-svn-id: file:///svn/unbound/trunk@4430 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 09:48:22 +00:00
Wouter Wijngaards
cb98f5896f - Also disable -flto for clang, to make incep-expi signature check 
work.


git-svn-id: file:///svn/unbound/trunk@4429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 12:54:02 +00:00
Wouter Wijngaards
dfba6bf690 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4428 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 12:42:45 +00:00
Wouter Wijngaards
06b80629bc - Fix timestamp failure because of clang optimizer failure, by 
disabling -O2 when the compiler --version is clang.


git-svn-id: file:///svn/unbound/trunk@4427 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 10:25:41 +00:00
Wouter Wijngaards
30da6bde6f - authzone work, transfer connect. 
git-svn-id: file:///svn/unbound/trunk@4420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-12 15:39:45 +00:00
Ralph Dolmans
d918602521 - Fix qname-minimisation documentation (A QTYPE, not NS) 
git-svn-id: file:///svn/unbound/trunk@4419 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-12 09:23:13 +00:00
Ralph Dolmans
e2aef3fa43 - Check whether --with-libunbound-only is set when using --with-nettle or 
--with-nss. 


git-svn-id: file:///svn/unbound/trunk@4418 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-07 10:51:22 +00:00
Wouter Wijngaards
2f69cd1765 - Fix link failure on OmniOS. 
git-svn-id: file:///svn/unbound/trunk@4414 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-04 08:28:16 +00:00
Wouter Wijngaards
d88bb99957 - auth zone work. probe hostname lookup. 
git-svn-id: file:///svn/unbound/trunk@4411 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-01 14:02:28 +00:00
Wouter Wijngaards
aeeb123b1e - Fix #3299 - forward CNAME daisy chain is not working 
git-svn-id: file:///svn/unbound/trunk@4409 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-30 08:34:20 +00:00
Wouter Wijngaards
975a7b1fc0 - auth xfer work on probe timer and lookup. 
git-svn-id: file:///svn/unbound/trunk@4405 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-14 15:58:24 +00:00
Wouter Wijngaards
52aeaf4924 - Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is 
set for stub zone.  It no longer searches for DNSSEC information.


git-svn-id: file:///svn/unbound/trunk@4404 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-14 10:01:44 +00:00
Wouter Wijngaards
6c2fa12f10 no AAAA shortcuts. 
git-svn-id: file:///svn/unbound/trunk@4403 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 14:15:10 +00:00
Wouter Wijngaards
f3304d408c - Fix qname minimisation to send AAAA queries at zonecut like type A. 
git-svn-id: file:///svn/unbound/trunk@4402 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 12:11:38 +00:00
Wouter Wijngaards
05e3539856 - Fix #2801: Install libunbound.pc. 
git-svn-id: file:///svn/unbound/trunk@4401 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 10:25:01 +00:00
Wouter Wijngaards
62fff935da - Fix #2492: Documentation libunbound. 
git-svn-id: file:///svn/unbound/trunk@4399 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-07 08:05:12 +00:00
Wouter Wijngaards
35bd34f8e6 - Fix #2141 - for libsodium detect lack of entropy in chroot, print 
a message and exit.


git-svn-id: file:///svn/unbound/trunk@4398 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-03 15:08:14 +00:00
Wouter Wijngaards
02fdb4c879 - Fix #2034 - Autoconf and -flto. 
git-svn-id: file:///svn/unbound/trunk@4397 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-03 10:52:25 +00:00
Wouter Wijngaards
621b1c57a3 - Fix #2362: TLS1.3/openssl-1.1.1 not working. 
git-svn-id: file:///svn/unbound/trunk@4396 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-03 07:40:36 +00:00
Wouter Wijngaards
10b8997cc5 - make ip-transparent option work on OpenBSD. 
git-svn-id: file:///svn/unbound/trunk@4393 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-02 09:34:19 +00:00
Wouter Wijngaards
d41209512e - Fix #1913: ub_ctx_config is under circumstances thread-safe. 
git-svn-id: file:///svn/unbound/trunk@4392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-02 08:23:52 +00:00
Wouter Wijngaards
8cf7e424e2 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-31 13:18:04 +00:00
Wouter Wijngaards
cba64aaaa4 - lexer output. 
git-svn-id: file:///svn/unbound/trunk@4390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-31 10:07:01 +00:00
Wouter Wijngaards
31b331ca67 - Document that errno is left informative on libunbound config read 
fail.


git-svn-id: file:///svn/unbound/trunk@4389 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-31 08:18:18 +00:00
Ralph Dolmans
e13088d911 - Fix #2031: Double included headers 
git-svn-id: file:///svn/unbound/trunk@4388 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-25 13:30:32 +00:00
Ralph Dolmans
d016f85110 - Fix #1949: [dnscrypt] make provider name mismatch more obvious. 
git-svn-id: file:///svn/unbound/trunk@4387 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-25 10:13:35 +00:00
Ralph Dolmans
bcadc2b45c - Fixed libunbound manual typo. 
git-svn-id: file:///svn/unbound/trunk@4386 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-25 08:38:24 +00:00
Ralph Dolmans
afb2d5f105 - Update B root ipv4 address. 
git-svn-id: file:///svn/unbound/trunk@4385 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-24 14:50:20 +00:00
Wouter Wijngaards
bdb6a5501a - authzone work, probe timer setup. 
git-svn-id: file:///svn/unbound/trunk@4378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 09:03:36 +00:00
Wouter Wijngaards
7bf7524d22 - lint for recent authzone commit. 
git-svn-id: file:///svn/unbound/trunk@4377 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-18 06:43:51 +00:00
Wouter Wijngaards
b37bc47eaa - Work on local root zone code. 
git-svn-id: file:///svn/unbound/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 15:16:31 +00:00
Wouter Wijngaards
c5c2cb13d4 - Better documentation for cache-max-negative-ttl. 
git-svn-id: file:///svn/unbound/trunk@4375 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 12:53:21 +00:00
Wouter Wijngaards
52e2331dd4 - [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert 
duplicates
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
  from Manu Bretelle.
	This option allows handling multiple cert/key pairs while only
	distributing some of them.
	In order to reliably match a client magic with a given key without
	strong assumption as to how those were generated, we need both key and
	cert. Likewise, in order to know which ES version should be used.
	On the other hand, when rotating a cert, it can be desirable to only
	serve the new cert but still be able to handle clients that are still
	using the old certs's public key.
	The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not
	publish the cert as part of the DNS's provider_name's TXT answer.



git-svn-id: file:///svn/unbound/trunk@4373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:34:49 +00:00
Wouter Wijngaards
5ad3bbb27f - Fix #1749: With harden-referral-path: performance drops, due to 
circular dependency in NS and DS lookups.


git-svn-id: file:///svn/unbound/trunk@4372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:22:58 +00:00
Wouter Wijngaards
a253d276d7 - trunk has version 1.6.8. 
git-svn-id: file:///svn/unbound/trunk@4371 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-10 07:38:56 +00:00
Wouter Wijngaards
effb5c4203 - tag 1.6.7 
git-svn-id: file:///svn/unbound/trunk@4369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-10 07:10:35 +00:00
Wouter Wijngaards
64f4a0d800 - Fix spelling in unbound-control man page. 
git-svn-id: file:///svn/unbound/trunk@4368 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-06 07:00:10 +00:00
Wouter Wijngaards
5ef3663385 - tag 1.6.7rc1 
git-svn-id: file:///svn/unbound/trunk@4366 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 14:31:39 +00:00
Ralph Dolmans
9a727c3c1a - Use RCODE from A response on DNS64 synthesized answer. 
git-svn-id: file:///svn/unbound/trunk@4365 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 13:55:04 +00:00
Wouter Wijngaards
d506659635 - Fix some more crpls in testdata for different signaling default. 
git-svn-id: file:///svn/unbound/trunk@4363 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:44:16 +00:00
Wouter Wijngaards
9247e8522b - Fix trust-anchor-signaling works in libunbound. 
git-svn-id: file:///svn/unbound/trunk@4362 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:37:34 +00:00
Ralph Dolmans
ac9b95ca0c - Set trust-anchor-signaling default to yes 
git-svn-id: file:///svn/unbound/trunk@4360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:17:25 +00:00
Wouter Wijngaards
bbe5c6acf0 - Fix param unused warning for windows exportsymbol compile. 
git-svn-id: file:///svn/unbound/trunk@4359 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-02 12:24:48 +00:00
Ralph Dolmans
5e4faec554 - Fix #1450: Generate again patch contrib/aaaa-filter-iterator.patch (by Danilo 
G. Baio). 


git-svn-id: file:///svn/unbound/trunk@4358 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-25 12:49:47 +00:00
Ralph Dolmans
207beff489 - Log name of looping module 
git-svn-id: file:///svn/unbound/trunk@4357 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-21 08:19:47 +00:00
Wouter Wijngaards
60beab1e8d Spelling fixes are from Josh Soref. 
git-svn-id: file:///svn/unbound/trunk@4356 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-20 07:01:52 +00:00
Wouter Wijngaards
7afdc695fe - Fix DNSCACHE_STORE_ZEROTTL to be bigger than 0xffff. 
git-svn-id: file:///svn/unbound/trunk@4355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-19 11:54:58 +00:00
Wouter Wijngaards
55d8fe2837 - use a cachedb answer even if it's "expired" when serve-expired is yes 
(patch from Jinmei Tatuya).
- trigger refetching of the answer in that case (this will bypass
  cachedb lookup)
- allow storing a 0-TTL answer from cachedb in the in-memory message
  cache when serve-expired is yes


git-svn-id: file:///svn/unbound/trunk@4353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-19 09:08:29 +00:00
Ralph Dolmans
3427b992f7 - Fix #1400: allowing use of global cache on ECS-forwarding unless 
always-forward.


git-svn-id: file:///svn/unbound/trunk@4352 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 09:09:10 +00:00
Wouter Wijngaards
ee8f07a686 - Fix #1440: [dnscrypt] client nonce cache. 
git-svn-id: file:///svn/unbound/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 08:55:08 +00:00
Wouter Wijngaards
c49226613b - Fix #1435: Please allow UDP to be disabled separately upstream and 
downstream.


git-svn-id: file:///svn/unbound/trunk@4349 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 08:42:24 +00:00
Wouter Wijngaards
3ede03449c - Fix that looping modules always stop the query, and don't pass 
control.


git-svn-id: file:///svn/unbound/trunk@4348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 07:54:24 +00:00
Wouter Wijngaards
60318b18f7 - tag 1.6.6rc2, became 1.6.6 on 18 sep. trunk 1.6.7 in development. 
git-svn-id: file:///svn/unbound/trunk@4347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 07:49:41 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
Wouter Wijngaards
ce1f757ce0 - Fix unbound-host to report error for DNSSEC state of failed lookups. 
git-svn-id: file:///svn/unbound/trunk@4343 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:11:43 +00:00
Wouter Wijngaards
b01f0db381 - tag 1.6.6rc2 
git-svn-id: file:///svn/unbound/trunk@4341 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-13 06:57:39 +00:00
Wouter Wijngaards
0b7d3bfd30 - Add dns64 for client-subnet in unbound-checkconf. 
git-svn-id: file:///svn/unbound/trunk@4340 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-12 05:43:46 +00:00
Wouter Wijngaards
edd22eb36c - Fix #1434: Fix windows openssl 1.1.0 linking. 
git-svn-id: file:///svn/unbound/trunk@4338 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-05 08:28:39 +00:00
Ralph Dolmans
eb25148123 - Fix #1412: QNAME minimisation strict mode not honored 
git-svn-id: file:///svn/unbound/trunk@4337 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-04 15:15:27 +00:00
Wouter Wijngaards
0fcc88689d - makedist fix for windows binaries, with openssl 1.1.0 windres fix, 
and expat 2.2.4 install target fix.


git-svn-id: file:///svn/unbound/trunk@4336 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-04 14:02:15 +00:00
Wouter Wijngaards
03d62b2e43 note tag 1.6.6rc1 
git-svn-id: file:///svn/unbound/trunk@4335 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-04 12:55:25 +00:00
Wouter Wijngaards
08ceb2a737 - Recommend 1472 buffer size in unbound.conf 
git-svn-id: file:///svn/unbound/trunk@4332 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-01 14:54:37 +00:00
Wouter Wijngaards
6a5e7be380 - Fix #1418: [ip ratelimit] initialize slabhash using 
ip-ratelimit-slabs.


git-svn-id: file:///svn/unbound/trunk@4330 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 12:02:14 +00:00
Wouter Wijngaards
a17400b45e dnscrypt cache size configuration option. 
git-svn-id: file:///svn/unbound/trunk@4328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 11:58:29 +00:00
Wouter Wijngaards
a1153ba1f7 - make depend 
git-svn-id: file:///svn/unbound/trunk@4327 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 08:08:45 +00:00
Wouter Wijngaards
425dec3037 - Fix #1417: [dnscrypt] shared secret cache counters, and works when 
dnscrypt is not enabled.


git-svn-id: file:///svn/unbound/trunk@4326 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 08:06:17 +00:00
Wouter Wijngaards
a270aa3c53 - but reverted that, tests fails with that escape. 
git-svn-id: file:///svn/unbound/trunk@4325 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 07:48:09 +00:00
Wouter Wijngaards
8a6d68e5d2 - For #1417: escape ; in dnscrypt tests. 
git-svn-id: file:///svn/unbound/trunk@4324 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 07:43:54 +00:00
Wouter Wijngaards
79c45131d1 - Fix #1424: cachedb:testframe is not thread safe. 
git-svn-id: file:///svn/unbound/trunk@4323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 07:35:08 +00:00
Wouter Wijngaards
fe18bbcb1f - Fix 1416: qname-minimisation breaks TLSA lookups with CNAMEs. 
git-svn-id: file:///svn/unbound/trunk@4322 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-30 13:13:43 +00:00
Wouter Wijngaards
7a322130d6 - updated contrib/fastrpz.patch to apply with configparser changes. 
git-svn-id: file:///svn/unbound/trunk@4321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-30 11:12:03 +00:00
Wouter Wijngaards
2f270e6fbb - fixup WKS test on buildhost without servicebyname. 
git-svn-id: file:///svn/unbound/trunk@4319 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 08:56:22 +00:00
Wouter Wijngaards
cfcf5437f4 - new keys and certs for dnscrypt tests. 
git-svn-id: file:///svn/unbound/trunk@4318 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 08:48:19 +00:00
Wouter Wijngaards
f5a2cb3593 - zero qinfo in handle_request, this zeroes local_alias and also the 
qname member.


git-svn-id: file:///svn/unbound/trunk@4317 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 07:31:45 +00:00
Wouter Wijngaards
1624efa939 - Fix #1414: fix segfault on parse failure and log_replies. 
git-svn-id: file:///svn/unbound/trunk@4316 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 07:28:29 +00:00
Wouter Wijngaards
3c3f1b42bb - Fix WKS records on kvm autobuild host, with default protobyname 
entries for udp and tcp.


git-svn-id: file:///svn/unbound/trunk@4314 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 13:00:45 +00:00
Wouter Wijngaards
9a44fc5142 - Small fixes for the shared secret cache patch. 
git-svn-id: file:///svn/unbound/trunk@4313 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 11:05:51 +00:00
Wouter Wijngaards
e3cc298ffd - Fix #1415: [dnscrypt] shared secret cache, patch from 
Manu Bretelle.


git-svn-id: file:///svn/unbound/trunk@4312 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 10:55:41 +00:00
Wouter Wijngaards
cd46a535cd - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4311 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 08:29:00 +00:00
Wouter Wijngaards
80f310e2a4 - Fix #1415: patch to free dnscrypt environment on reload. 
git-svn-id: file:///svn/unbound/trunk@4310 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 07:49:42 +00:00
Wouter Wijngaards
ffc2f687cf - Fix to reclaim tcp handler when it is closed due to dnscrypt buffer 
allocation failure.


git-svn-id: file:///svn/unbound/trunk@4309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 13:40:44 +00:00
Wouter Wijngaards
e5b8a37a20 - make depend 
git-svn-id: file:///svn/unbound/trunk@4308 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 07:44:41 +00:00
Wouter Wijngaards
3dc206c721 - Fix #1407: Add ECS options check to unbound-checkconf. 
git-svn-id: file:///svn/unbound/trunk@4307 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 07:43:59 +00:00
Wouter Wijngaards
d8960d2c55 - Fix #1402: squelch invalid argument error for fd_set_block on windows. 
git-svn-id: file:///svn/unbound/trunk@4306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 14:15:32 +00:00
Wouter Wijngaards
64a5e6af4a Better text for change: 
- Fix install of trust anchor when two anchors are present, makes both
	  valid. Checks hash of DS but not signature of new key. This fixes
	  the root.key file if created when unbound is installed between
	  sep11 and oct11 2017.



git-svn-id: file:///svn/unbound/trunk@4305 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 12:48:05 +00:00
Wouter Wijngaards
b320c7ebd5 - Fix issue on macOX 10.10 where TCP fast open is detected but not 
implemented causing TCP to fail. The fix allows fallback to regular
  TCP in this case and is also more robust for cases where connectx()
  fails for some reason.


git-svn-id: file:///svn/unbound/trunk@4304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 11:44:46 +00:00
Wouter Wijngaards
8d1e4b3648 - Fix install of trust anchor when two anchors are present, makes both 
valid.  Checks hash of DS but not signature of new key.  This fixes
  installs between sep11 and oct11 2017.


git-svn-id: file:///svn/unbound/trunk@4302 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 08:57:44 +00:00
Wouter Wijngaards
61605c1dfa - Patch to show DNSCrypt status in help output, from Carsten 
Strotmann.


git-svn-id: file:///svn/unbound/trunk@4298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-10 07:13:44 +00:00
Wouter Wijngaards
c8cdd542dd - Remove spaces from Makefile. 
git-svn-id: file:///svn/unbound/trunk@4297 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-08 09:43:51 +00:00
Wouter Wijngaards
ae67923bab - Fix #1398: make cachedb secret configurable. 
git-svn-id: file:///svn/unbound/trunk@4295 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-08 09:04:51 +00:00
Wouter Wijngaards
1159e53618 - Fix #1397: Recursive DS lookups for AS112 zones names should recurse. 
git-svn-id: file:///svn/unbound/trunk@4294 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-07 07:42:45 +00:00
Ralph Dolmans
3de694be05 Do not add rrset_bogus and query ratelimiting stats per thread. 
git-svn-id: file:///svn/unbound/trunk@4293 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 15:32:24 +00:00
Ralph Dolmans
7b18274d7e - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: file:///svn/unbound/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
Ralph Dolmans
9f49585a63 - Do not reset rrset.bogus stats when called using stats_noreset. 
git-svn-id: file:///svn/unbound/trunk@4291 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 10:50:46 +00:00
Ralph Dolmans
de731edc0d - Remove unused iter_env member (ip6arpa_dname) 
git-svn-id: file:///svn/unbound/trunk@4290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 09:29:21 +00:00
Wouter Wijngaards
4f9236ae55 - Fix #1394: mix of serve-expired and response-ip could cause a crash. 
git-svn-id: file:///svn/unbound/trunk@4289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 07:13:12 +00:00
Wouter Wijngaards
ff6a1cee12 - iana update 
git-svn-id: file:///svn/unbound/trunk@4288 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 11:58:18 +00:00
Wouter Wijngaards
e396684a54 - Fix #1365: Add Ed25519 support using libnettle. 
git-svn-id: file:///svn/unbound/trunk@4286 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 10:44:30 +00:00
Wouter Wijngaards
8abb85e4b2 - Fix DSA configure switch (--disable dsa) for libnettle and libnss. 
git-svn-id: file:///svn/unbound/trunk@4285 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 10:09:05 +00:00
Wouter Wijngaards
b7d9b59aa9 - Fix compile with libnettle 
git-svn-id: file:///svn/unbound/trunk@4281 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:52:20 +00:00
Wouter Wijngaards
62e88b46cc - remove warning from windows compile. 
git-svn-id: file:///svn/unbound/trunk@4280 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:30:12 +00:00
Wouter Wijngaards
7f6827aaae - squelch TCP fast open error on FreeBSD when kernel has it disabled, 
unless verbosity is high.


git-svn-id: file:///svn/unbound/trunk@4279 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:14:42 +00:00
Wouter Wijngaards
abb6cfdebd - upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02), 
config.sub(2016-09-05).
- annotate case statement fallthrough for gcc 7.1.1.
- flex output from flex 2.6.1.
- snprintf of thread number does not warn about truncated string.


git-svn-id: file:///svn/unbound/trunk@4278 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:04:18 +00:00
Wouter Wijngaards
1d3e6758b2 - Fix #1349: allow suppression of pidfiles (from Daniel Kahn Gillmor). 
With the -p option unbound does not create a pidfile.


git-svn-id: file:///svn/unbound/trunk@4276 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:26:49 +00:00
Wouter Wijngaards
c52c07c086 - Fix #1350: make cachedb backend configurable (from JINMEI Tatuya). 
git-svn-id: file:///svn/unbound/trunk@4275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:21:19 +00:00
Wouter Wijngaards
160b70f417 - Redirect all localhost names to localhost address for RFC6761. 
git-svn-id: file:///svn/unbound/trunk@4273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-11 14:29:54 +00:00
Wouter Wijngaards
c8189d1018 - Fix #1344: RFC6761-reserved domains: test. and invalid. 
git-svn-id: file:///svn/unbound/trunk@4272 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-11 13:27:33 +00:00
Wouter Wijngaards
bedac6bc28 test report again 
git-svn-id: file:///svn/unbound/trunk@4270 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 14:21:52 +00:00
Wouter Wijngaards
40a4688400 Test -f report. 
git-svn-id: file:///svn/unbound/trunk@4269 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 14:16:47 +00:00
Wouter Wijngaards
ecfe84702b run tests. 
git-svn-id: file:///svn/unbound/trunk@4267 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:41:13 +00:00
Wouter Wijngaards
0f4fdb6669 - Fix svn hooks for tdir (selected if testcode/mini_tdir.sh exists). 
git-svn-id: file:///svn/unbound/trunk@4266 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:39:28 +00:00
Wouter Wijngaards
ead37db595 - Fix tests to use .tdir (from Manu Bretelle) instead of .tpkg. 
git-svn-id: file:///svn/unbound/trunk@4263 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:27:05 +00:00
Wouter Wijngaards
522bff52fe - Fix 1332: Bump verbosity of failed chown'ing of the control socket. 
git-svn-id: file:///svn/unbound/trunk@4262 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-05 06:59:45 +00:00
Wouter Wijngaards
67f54eea66 - Fix openssl 1.1.0 load of ssl error strings from ssl init. 
git-svn-id: file:///svn/unbound/trunk@4260 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 13:37:37 +00:00
Wouter Wijngaards
1a0bb5ad5a - Fix pythonmod link line option flag. 
git-svn-id: file:///svn/unbound/trunk@4259 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 12:48:53 +00:00
Wouter Wijngaards
7e8e85459c - Fix #1331: libunbound segfault in threaded mode when context is 
deleted.


git-svn-id: file:///svn/unbound/trunk@4258 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 11:41:32 +00:00
Wouter Wijngaards
5fba7e4339 - Fix for unbound-checkconf, check ipsecmod-hook if ipsecmod is turned 
on.


git-svn-id: file:///svn/unbound/trunk@4257 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 07:14:37 +00:00
Wouter Wijngaards
08a3461810 - enhancement for hardened-tls for DNS over TLS. Removed duplicated 
security settings.


git-svn-id: file:///svn/unbound/trunk@4255 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 11:45:43 +00:00
Wouter Wijngaards
60d4c9bd54 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4254 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 07:36:02 +00:00
Wouter Wijngaards
7a9d8f49f4 - Fix python example0 return module wait instead of error for pass. 
git-svn-id: file:///svn/unbound/trunk@4253 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 07:28:11 +00:00
Wouter Wijngaards
50b7b2113e - Fix that infra cache host hash does not change after reconfig. 
git-svn-id: file:///svn/unbound/trunk@4252 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 15:23:17 +00:00
Wouter Wijngaards
0b8117df2f - Remove signed unsigned warning from authzone. 
git-svn-id: file:///svn/unbound/trunk@4251 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 10:54:15 +00:00
Wouter Wijngaards
0393f598d5 - Trunk contains 1.6.5, with changes from 26, 27 june. 
git-svn-id: file:///svn/unbound/trunk@4250 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 10:53:52 +00:00
Wouter Wijngaards
5573d7508b - unbound-control dump_infra prints port number for address if not 53. 
git-svn-id: file:///svn/unbound/trunk@4248 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 12:31:49 +00:00
Wouter Wijngaards
542162b4e0 - First fix for zero b64 and hex text zone format in sldns. 
git-svn-id: file:///svn/unbound/trunk@4247 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 11:36:54 +00:00
Wouter Wijngaards
e7260518ea - Better fixup of dnscrypt_cert_chacha test for different escapes. 
git-svn-id: file:///svn/unbound/trunk@4246 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 09:06:42 +00:00
Wouter Wijngaards
a2f8946764 - (for 1.6.5): fixup of dnscrypt_cert_chacha test (from Manu Bretelle). 
git-svn-id: file:///svn/unbound/trunk@4244 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-23 06:56:59 +00:00
Wouter Wijngaards
171a7a107e - Tag 1.6.4rc2 
git-svn-id: file:///svn/unbound/trunk@4242 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-22 12:08:18 +00:00
Ralph Dolmans
6195229d76 - Added fastrpz patch to contrib 
git-svn-id: file:///svn/unbound/trunk@4241 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-22 12:03:32 +00:00
Wouter Wijngaards
062515d9bc - Fix #1316: heap read buffer overflow in parse_edns_options. 
git-svn-id: file:///svn/unbound/trunk@4240 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-21 11:50:39 +00:00
Wouter Wijngaards
311264b960 - Fix lintian typo. 
git-svn-id: file:///svn/unbound/trunk@4239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 13:34:01 +00:00
Wouter Wijngaards
bdd2cd248d - Tag 1.6.4rc1 
git-svn-id: file:///svn/unbound/trunk@4237 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 07:38:52 +00:00
Wouter Wijngaards
1f6a7da0b0 - Fix warning in pythonmod under clang compiler. 
git-svn-id: file:///svn/unbound/trunk@4236 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 07:05:30 +00:00
Ralph Dolmans
71d2d60b85 - Fix #1277: disable domain ratelimit by setting value to 0. 
git-svn-id: file:///svn/unbound/trunk@4235 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 13:22:43 +00:00
Wouter Wijngaards
4e66465e22 - Fix to unlock view in view test. 
git-svn-id: file:///svn/unbound/trunk@4234 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 11:16:31 +00:00
Wouter Wijngaards
2288777334 - Fix dnscrypt chacha cert support ifdefs. 
- Fix dnscrypt chacha cert unit test escapes in grep.
- Remove asynclook tests that cause test and purifier problems.


git-svn-id: file:///svn/unbound/trunk@4233 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 08:20:44 +00:00
Wouter Wijngaards
dff6c5ff7a - Fix memory leak in dnscrypt config read. 
git-svn-id: file:///svn/unbound/trunk@4231 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:55:52 +00:00
Wouter Wijngaards
df78cb7ccb - Fix memory leak in sldns_buffer_new_frm_data. 
git-svn-id: file:///svn/unbound/trunk@4230 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:42:52 +00:00
Wouter Wijngaards
acada5a8f6 - Free callback in edns-subnetmod on exit and restart. 
git-svn-id: file:///svn/unbound/trunk@4229 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:31:30 +00:00
Wouter Wijngaards
20f8dafcd4 - Fix #1301: memory leak in respip and tests. 
git-svn-id: file:///svn/unbound/trunk@4228 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:27:49 +00:00
Wouter Wijngaards
7bb1d8a8d1 - Fix query for refetch_glue of stub leaking to internet. 
git-svn-id: file:///svn/unbound/trunk@4227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 15:00:07 +00:00
Wouter Wijngaards
39b5f5bbc6 - Fix stub zone queries leaking to the internet for 
harden-referral-path ns checks.


git-svn-id: file:///svn/unbound/trunk@4226 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 07:59:05 +00:00
Wouter Wijngaards
7ebe1fe115 - More fixes in depth for buffer checks in 0x20 qname checks. 
git-svn-id: file:///svn/unbound/trunk@4225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:34:44 +00:00
Wouter Wijngaards
843bd4156e - Fix #1280: Unbound fails assert when response from authoritative 
contains malformed qname.  When 0x20 caps-for-id is enabled, when
  assertions are not enabled the malformed qname is handled correctly.
- 1.6.3 tag created, with only #1280 fix, trunk is 1.6.4 development.


git-svn-id: file:///svn/unbound/trunk@4224 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:25:47 +00:00
Wouter Wijngaards
ca8d0a0e92 - Fix #1279: Memory leak on reload when python module is enabled. 
git-svn-id: file:///svn/unbound/trunk@4220 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 07:10:58 +00:00
Wouter Wijngaards
c4869780d1 - Fix #1278: Incomplete wildcard proof. 
git-svn-id: file:///svn/unbound/trunk@4218 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-12 10:11:28 +00:00
Ralph Dolmans
998793998d - Added domain name based ECS whitelist. 
git-svn-id: file:///svn/unbound/trunk@4217 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 14:44:55 +00:00
Wouter Wijngaards
e2459be7e1 - dnscrypt unit tests with chacha. 
git-svn-id: file:///svn/unbound/trunk@4216 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 08:27:49 +00:00
Wouter Wijngaards
33de42e729 - Detect chacha for dnscrypt at configure time. 
git-svn-id: file:///svn/unbound/trunk@4215 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 08:17:38 +00:00
Wouter Wijngaards
54eabdde58 - Add dnscrypt XChaCha20 tests. 
git-svn-id: file:///svn/unbound/trunk@4213 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-07 11:39:02 +00:00
Wouter Wijngaards
7e9d37acae - Fix that unbound-control can set val_clean_additional and val_permissive_mode. 
git-svn-id: file:///svn/unbound/trunk@4210 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-07 07:00:02 +00:00
Wouter Wijngaards
b9196d48d2 - Fix #1276: [dnscrypt] add XChaCha20-Poly1305 cipher. 
git-svn-id: file:///svn/unbound/trunk@4208 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 12:52:26 +00:00
Wouter Wijngaards
75cb40edd1 - Fix #1275: cached data in cachedb is never used. 
git-svn-id: file:///svn/unbound/trunk@4207 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 12:08:14 +00:00
Wouter Wijngaards
124f8d57ab - renumbering B-Root's IPv6 address to 2001:500:200::b. 
git-svn-id: file:///svn/unbound/trunk@4206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 09:33:09 +00:00
Wouter Wijngaards
f78e04a12c - Add an explicit type cast for TCP FASTOPEN fix. 
git-svn-id: file:///svn/unbound/trunk@4205 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 07:59:32 +00:00
Ralph Dolmans
b93fd4e0c9 - Fix #1274: automatically trim chroot path from dnscrypt key/cert paths (from 
Manu Bretelle).


git-svn-id: file:///svn/unbound/trunk@4204 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-01 09:51:05 +00:00
Wouter Wijngaards
401e456a17 - Fix fastopen EPIPE fallthrough to perform connect. 
git-svn-id: file:///svn/unbound/trunk@4203 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-01 09:06:14 +00:00
Ralph Dolmans
69828ed94b - Also use global local-zones when there is a matching view that does not have 
any local-zone specified. 


git-svn-id: file:///svn/unbound/trunk@4202 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 11:45:39 +00:00
Wouter Wijngaards
627299f5e4 - If MSG_FASTOPEN gives EPIPE fallthrough to try normal tcp write. 
git-svn-id: file:///svn/unbound/trunk@4201 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 11:09:15 +00:00
Wouter Wijngaards
e4c60435d2 - Fix #1273: cachedb.c doesn't compile with -Wextra. 
git-svn-id: file:///svn/unbound/trunk@4200 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 05:42:23 +00:00
Ralph Dolmans
486edb10db - Fix #1269: inconsistent use of built-in local zones with views. 
- Add defaults for new local-zone trees added to views using unbound-control.


git-svn-id: file:///svn/unbound/trunk@4199 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 13:04:19 +00:00
Wouter Wijngaards
8c4e7ffb14 - Support for openssl EVP_DigestVerify. 
- Support for the ED25519 algorithm with openssl (from openssl 1.1.1).


git-svn-id: file:///svn/unbound/trunk@4198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 12:28:25 +00:00
Wouter Wijngaards
8b2397542e - Fix assertion for low buffer size and big edns payload when worker 
overrides udpsize.


git-svn-id: file:///svn/unbound/trunk@4195 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-29 07:32:45 +00:00
Ralph Dolmans
6132c9f8d5 - Added redirect-bogus.patch to contrib directory. 
git-svn-id: file:///svn/unbound/trunk@4194 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 12:09:38 +00:00
Wouter Wijngaards
ca57014bf2 - printout localzone for duplicate local-zone warnings. 
git-svn-id: file:///svn/unbound/trunk@4193 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 11:09:16 +00:00
Wouter Wijngaards
3304a4f622 - exec_prefix is by default equal to prefix. 
git-svn-id: file:///svn/unbound/trunk@4192 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 10:47:18 +00:00
Wouter Wijngaards
6538b82928 - Fix #1270: unitauth.c doesn't compile with higher warning level 
and optimization


git-svn-id: file:///svn/unbound/trunk@4191 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 06:50:48 +00:00