W.C.A. Wijngaards
9cc8aa1ddf
- Option to toggle udp-connect, default is enabled.
2020-11-23 11:06:53 +01:00
W.C.A. Wijngaards
6b97cb1dd1
stream reuse, up connection reuse time to 60 seconds.
2020-11-23 10:36:22 +01:00
W.C.A. Wijngaards
cca128b871
+ - Fix #347 : IP_DONTFRAG broken on Apple xcode 12.2.
2020-11-23 09:56:01 +01:00
W.C.A. Wijngaards
9423b5b8b2
Merge branch 'master' into stream-reuse
2020-11-23 09:49:26 +01:00
W.C.A. Wijngaards
dde9fade26
stream reuse, fix review comments.
2020-11-23 09:46:26 +01:00
W.C.A. Wijngaards
4445d9c5aa
stream reuse, fix review comments.
2020-11-23 09:44:56 +01:00
W.C.A. Wijngaards
8143ce6967
stream reuse, review comments.
2020-11-23 09:40:15 +01:00
W.C.A. Wijngaards
6f4c79ab95
stream reuse, fix review comments.
2020-11-23 09:37:26 +01:00
W.C.A. Wijngaards
fd94b0bc9b
stream reuse, rename ssl_reuse test to tls_reuse test.
2020-11-23 09:35:58 +01:00
W.C.A. Wijngaards
6ded710013
stream reuse, renamed ssl_reuse.tdir to tls_reuse.tdir.
2020-11-23 09:33:28 +01:00
W.C.A. Wijngaards
d83b1979c4
stream reuse, debug output with verbose level instead of number.
2020-11-23 09:29:26 +01:00
W.C.A. Wijngaards
097e530c49
Changelog notes for #350 and #351
...
- Merge #351 from dvzrv: Add AF_NETLINK to set of allowed socket
address families.
- Fix #350 : with the AF_NETLINK permission, to fix 1.12.0 error:
failed to list interfaces: getifaddrs: Address family not
supported by protocol.
2020-11-23 08:58:41 +01:00
Wouter Wijngaards
dbd5ea4f37
Merge pull request #351 from dvzrv/issues/350
...
Add AF_NETLINK to set of allowed socket address families
2020-11-23 08:57:23 +01:00
David Runge
c48f01445e
Add AF_NETLINK to set of allowed socket address families
...
contrib/unbound{,_portable}.service.in:
With the changes introduced in f6a527c25aFixes #350
2020-11-21 14:10:39 +01:00
mb
f7fb338c95
rpz: continue work on the nsip trigger
2020-11-16 12:42:23 +01:00
mb
07d937f508
rpz: more nsip
2020-11-16 09:49:06 +01:00
mb
e27b160acd
rpz: stubs for nsip triggers
2020-11-13 14:36:00 +01:00
W.C.A. Wijngaards
b891fe113c
- Retry for interfaces with unused ports if possible.
2020-11-12 13:36:37 +01:00
W.C.A. Wijngaards
48b40b305a
Changelog note.
2020-11-12 12:28:10 +01:00
W.C.A. Wijngaards
26aa550bd2
- Fix to connect() to UDP destinations, default turned on,
...
this lowers vulnerability to ICMP side channels.
2020-11-12 12:27:41 +01:00
Ralph Dolmans
a4342ceb3a
Merge branch 'master' into edns-string
2020-11-11 11:38:06 +01:00
Ralph Dolmans
946ed23f73
Merge branch 'master' into edns-string
2020-11-11 11:37:32 +01:00
mb
9149a6d1e4
RPZ: stub nsip testbound scenario
2020-11-11 11:21:54 +01:00
W.C.A. Wijngaards
5385e2e094
- Fix #343 : Fail to build --with-libnghttp2 with error: 'SSIZE_MAX'
...
undeclared.
2020-11-10 15:31:20 +01:00
W.C.A. Wijngaards
7977e1c4cb
- Fix memory leak after fix for possible memory leak failure.
2020-11-10 13:51:56 +01:00
W.C.A. Wijngaards
72d7587138
Merge branch 'master' into zonemd
2020-11-10 08:10:27 +01:00
W.C.A. Wijngaards
3926035f30
Changelog note for #341 and layout change.
...
- Fix #341 : fixing a possible memory leak.
2020-11-10 08:07:28 +01:00
Wouter Wijngaards
140ab1f701
Merge pull request #341 from ihsinme/patch-1
...
fixing a possible memory leak.
2020-11-10 08:06:46 +01:00
ihsinme
18226f1c17
fixing a possible memory leak.
2020-11-09 18:41:22 +03:00
mb
667863770f
RPZ: refactor clientip to handle multiple rrsets
2020-11-09 15:59:00 +01:00
mb
9b4bbb49b4
RPZ: one more testcase
2020-11-09 12:08:06 +01:00
mb
731afdc924
RPZ: refactor clientip trigger
2020-11-06 13:42:48 +01:00
mb
80205ba133
RPZ: towards client ip trigger and local data action
2020-11-06 12:54:32 +01:00
mb
bd0c910830
RPZ: provide rpz-client-ip trigger and actions
2020-11-04 17:00:28 +01:00
mb
fc4de71fe0
RPZ: fix for c89
2020-11-03 15:45:26 +01:00
mb
1ab84a1d27
RPZ: testbound: add qname and respip tcp-only examples
2020-11-03 11:03:29 +01:00
mb
fb8c5a764d
RPZ: provide tcp-only triggers for respip actions
2020-11-03 11:02:36 +01:00
mb
dd70c2ef9a
RPZ: implement stubs for rpz-tcp-only actions.
2020-11-02 14:21:57 +01:00
W.C.A. Wijngaards
e573f55dcd
zonemd, unit tests for insecure delegation zones.
2020-10-29 14:59:11 +01:00
W.C.A. Wijngaards
cd3d54b504
zonemd, unit test for failed zonemd hash after axfr with chain of trust,
...
zone is written after axfr, but before check. But zone is then rejected
after check completes..
2020-10-29 10:13:01 +01:00
W.C.A. Wijngaards
2757e0ff51
zonemd, unit test for failed zonemd hash after axfr, zone is rejected and not
...
written to file.
2020-10-29 10:00:59 +01:00
W.C.A. Wijngaards
43e32eae33
zonemd, unit test for zonemd from axfr with trust anchor.
2020-10-29 09:55:03 +01:00
W.C.A. Wijngaards
3ab188ea21
zonemd, please doxygen
...
zonemd, fix clang analyzer warning about null nsec3 salt pointer access.
2020-10-29 08:40:22 +01:00
W.C.A. Wijngaards
7ebb890a4a
zonemd, unit test for zonemd from file and trust anchor directly for DNSSEC.
2020-10-28 15:10:14 +01:00
Florian Obser
9fb65e2b9e
Sprinkle in some static to prevent missing prototype warnings.
2020-10-28 14:15:23 +01:00
W.C.A. Wijngaards
639a773c39
zonemd, unit test for chain of trust from recursion to check ZONEMD.
2020-10-27 13:44:44 +01:00
W.C.A. Wijngaards
d104727c91
- In man page note that tls-cert-bundle is read before permission
...
drop and chroot.
2020-10-27 09:00:26 +01:00
W.C.A. Wijngaards
94ac072f9b
zonemd, zonemd-reject-absence config for an auth-zone rejects the zone if
...
no ZONEMD is present.
2020-10-26 15:37:43 +01:00
W.C.A. Wijngaards
8e53f0b14f
zonemd, unit test with correct title.
2020-10-23 14:40:00 +02:00
W.C.A. Wijngaards
2b9569c7fe
zonemd, fix config_get_option for zonemd-permissive-mode and unit test
...
for zonemd-permissive-mode.
2020-10-23 14:38:57 +02:00
