upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-17 17:48:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
4162 commits 27 branches 209 tags 137 MiB
Commit graph

660 commits

Author SHA1 Message Date
Wouter Wijngaards
df947d4056 fix doxygen annotation 
git-svn-id: file:///svn/unbound/trunk@4053 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:28:19 +00:00
Wouter Wijngaards
3d6783e38c remove debug print out 
git-svn-id: file:///svn/unbound/trunk@4052 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:27:08 +00:00
Wouter Wijngaards
6c456aa15e - Add trustanchor.unbound CH TXT that gets a response with a number 
of TXT RRs with a string like "example.com. 2345 1234" with
  the trust anchors and their keytags.


git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:17:58 +00:00
Wouter Wijngaards
cae9809e11 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
Wouter Wijngaards
689fdc1d0b - For #1227: if we have sha256, set the cipher list to have no 
known vulns.


git-svn-id: file:///svn/unbound/trunk@4030 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-28 08:23:25 +00:00
Wouter Wijngaards
791767d62f - Fix #1227: Fix that Unbound control allows weak ciphersuits. 
git-svn-id: file:///svn/unbound/trunk@4029 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-27 15:24:58 +00:00
Wouter Wijngaards
3289d8482c - Fix #1227: Fix that Unbound control allows weak ciphersuits. 
git-svn-id: file:///svn/unbound/trunk@4027 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-27 14:40:30 +00:00
Wouter Wijngaards
35ae8ef313 - Patch from Luiz Fernando Softov for Stats Shared Memory. 
- unbound-control stats_shm command prints stats using shared memory,
  which uses less cpu.


git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 12:05:05 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
ef80a99397 - Fix to also block meta types 128 through to 248 with formerr. 
git-svn-id: file:///svn/unbound/trunk@3985 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-12 08:12:39 +00:00
Wouter Wijngaards
e5431ca7e5 - Fix #1201: Fix missing unlock in answer_from_cache error condition. 
git-svn-id: file:///svn/unbound/trunk@3983 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-06 15:50:39 +00:00
Wouter Wijngaards
3a1ffe4c69 - Fix #1185: Source IP rate limiting, patch from Larissa Feng. 
git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 13:57:12 +00:00
Wouter Wijngaards
9b4b0de746 - Fix #1184: Log DNS replies. This includes the same logging 
information that DNS queries and response code and response size,
  patch from Larissa Feng.


git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 11:39:54 +00:00
Wouter Wijngaards
a3441215f1 and ratelimit the formerr. 
git-svn-id: file:///svn/unbound/trunk@3979 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 10:22:13 +00:00
Wouter Wijngaards
5adb2dc4cf - Fix to return formerr for queries for meta-types, to avoid 
packet amplification if this meta-type is sent on to upstream.


git-svn-id: file:///svn/unbound/trunk@3978 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 08:14:34 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
Ralph Dolmans
f761bc3cdd - Fix remote control without certificate for LibreSSL 
git-svn-id: file:///svn/unbound/trunk@3956 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-07 14:13:01 +00:00
George Thessalonikefs
3ac8cf0380 please lint again. 
git-svn-id: file:///svn/unbound/trunk@3951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 14:41:14 +00:00
George Thessalonikefs
9323fa7688 please lint again. 
git-svn-id: file:///svn/unbound/trunk@3950 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 14:33:08 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Ralph Dolmans
61b23e3811 - Added local-zones and local-data bulk addition and removal functionality in 
unbound-control (local_zones, local_zones_remove, local_datas and
  local_datas_remove).                                   
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-30 11:22:29 +00:00
Wouter Wijngaards
c604b9c6a9 Fixup for windows compile. 
git-svn-id: file:///svn/unbound/trunk@3940 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-29 15:49:37 +00:00
Wouter Wijngaards
92bff79d3d - Fix that with openssl 1.1 control-use-cert: no uses less cpu, by 
using no encryption over the unix socket.


git-svn-id: file:///svn/unbound/trunk@3936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-25 16:14:14 +00:00
Wouter Wijngaards
a6e3ed1025 - patch from Dag-Erling Smorgrav that removes code that relies 
on sbrk().


git-svn-id: file:///svn/unbound/trunk@3934 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 15:50:07 +00:00
Ralph Dolmans
11031a7d36 pass ssl_upstream as int to (lib)worker_send_query 
git-svn-id: file:///svn/unbound/trunk@3924 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 14:02:22 +00:00
Ralph Dolmans
efe248c46a - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
Wouter Wijngaards
fa81710d16 - configure detects ssl security level API function in the autoconf 
manner.  Every function on its own, so that other libraries (eg.
  LibreSSL) can develop their API without hindrance.


git-svn-id: file:///svn/unbound/trunk@3921 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 08:05:42 +00:00
Wouter Wijngaards
3b4cbcf631 Fixup #if at start of line, for portability. 
git-svn-id: file:///svn/unbound/trunk@3920 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 07:58:57 +00:00
Ralph Dolmans
589eabc0cb Set openssl security level to 0 when using aNULL ciphers 
git-svn-id: file:///svn/unbound/trunk@3919 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-03 16:59:00 +00:00
Wouter Wijngaards
680e14cb65 - log-identity: config option to set sys log identity, patch from 
"Robin H. Johnson" <robbat2@gentoo.org>


git-svn-id: file:///svn/unbound/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-03 08:51:40 +00:00
Wouter Wijngaards
96961081b0 - Patch for server.num.zero_ttl stats for count of expired replies, 
from Pavel Odintsov.


git-svn-id: file:///svn/unbound/trunk@3910 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-28 15:08:32 +00:00
Wouter Wijngaards
147a6c8548 - Fix #1134: unbound-control set_option val-date-override: -1 works 
immediately to ignore datetime, or back to 0 to enable it again.


git-svn-id: file:///svn/unbound/trunk@3907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-25 11:44:03 +00:00
Wouter Wijngaards
a4fae019de Fixup prefetch only when needed 
git-svn-id: file:///svn/unbound/trunk@3904 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 12:53:13 +00:00
Wouter Wijngaards
a9a65800b8 - serve-expired config option: serve expired responses with TTL 0. 
git-svn-id: file:///svn/unbound/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 12:43:20 +00:00
Wouter Wijngaards
2785225a43 - Fixup query_info local_alias init. 
git-svn-id: file:///svn/unbound/trunk@3901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-20 15:05:30 +00:00
Wouter Wijngaards
9d2b5ca345 - Removed patch comments from acllist.c and msgencode.c 
git-svn-id: file:///svn/unbound/trunk@3886 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:20:42 +00:00
Wouter Wijngaards
503df095b2 - Patch that resolves CNAMEs entered in local-data conf statements that 
point to data on the internet, from Jinmei Tatuya (Infoblox).


git-svn-id: file:///svn/unbound/trunk@3885 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:18:20 +00:00
Ralph Dolmans
de7bc9f96e - fix memoryleak logfile when in debug mode. 
git-svn-id: file:///svn/unbound/trunk@3880 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-11 13:43:18 +00:00
Ralph Dolmans
b587c7f72d Added views functionality. 
git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:36:25 +00:00
Ralph Dolmans
5a56d54086 Check for LibreSSL usage when OpenSSL version number >= 1.1 
git-svn-id: file:///svn/unbound/trunk@3862 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 14:40:42 +00:00
Wouter Wijngaards
42d2190343 - Test for openssl init_crypto and init_ssl functions. 
git-svn-id: file:///svn/unbound/trunk@3860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 12:03:10 +00:00
Ralph Dolmans
e2e34ad273 fix potential memory leak in daemon/remote.c and nullpointer dereference in 
validator/autotrust.


git-svn-id: file:///svn/unbound/trunk@3856 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 08:39:59 +00:00
Wouter Wijngaards
1508a5bb2c - Fix incomplete prototypes reported by Dag-Erling Smørgrav. 
git-svn-id: file:///svn/unbound/trunk@3848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-05 07:23:23 +00:00
Wouter Wijngaards
7ef6c46aaf Fixup for defines not funcs 
git-svn-id: file:///svn/unbound/trunk@3845 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 11:20:21 +00:00
Wouter Wijngaards
3514843818 - Fix compile with openssl 1.1.0 with api=1.1.0. 
git-svn-id: file:///svn/unbound/trunk@3844 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 09:59:09 +00:00
Wouter Wijngaards
35e1120341 Fixup position before flip. 
git-svn-id: file:///svn/unbound/trunk@3842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-01 14:51:46 +00:00
Wouter Wijngaards
0143885a41 - Fix #826: Fix refuse_non_local could result in a broken response. 
git-svn-id: file:///svn/unbound/trunk@3841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-01 14:34:45 +00:00
Wouter Wijngaards
ca5eca9567 - Fix #777: OpenSSL 1.1.0 compatibility, patch from Sebastian A. Siewior. 
git-svn-id: file:///svn/unbound/trunk@3837 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-29 07:05:19 +00:00
Wouter Wijngaards
df4b4e6902 - Fix #806: wrong comment removed. 
git-svn-id: file:///svn/unbound/trunk@3826 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-28 07:13:48 +00:00
Wouter Wijngaards
29ada8b41a - Fix #803: confusing (and incorrect) code comment in daemon_cleanup(). 
git-svn-id: file:///svn/unbound/trunk@3824 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-22 07:08:42 +00:00
Wouter Wijngaards
6b7e0676b9 - Fix #801: missing error condition handling in 
daemon_create_workers().


git-svn-id: file:///svn/unbound/trunk@3822 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-22 07:02:03 +00:00
Wouter Wijngaards
17023457a9 - access-control-tag-data implemented. verbose(4) prints tag debug. 
git-svn-id: file:///svn/unbound/trunk@3811 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-07 10:20:05 +00:00
Wouter Wijngaards
c697604224 - Fix #784: Build configure assumess that having getpwnam means there 
is endpwent function available.
- Updated repository with newer flex and bison output.


git-svn-id: file:///svn/unbound/trunk@3799 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-27 08:00:55 +00:00
Ralph Dolmans
54b820773c - Possibility to specify local-zone types for an acl/tag pair 
- Possibility to specify (override) local-zone types for a source address block


git-svn-id: file:///svn/unbound/trunk@3797 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-24 19:08:58 +00:00
Wouter Wijngaards
2121961929 - TCP_TIMEOUT is specified in milliseconds. 
git-svn-id: file:///svn/unbound/trunk@3793 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-15 14:23:43 +00:00
Wouter Wijngaards
48acd0bf4d - Fix #778: unbound 1.5.9: -h segfault (null deref). 
git-svn-id: file:///svn/unbound/trunk@3781 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 07:06:23 +00:00
Ralph Dolmans
ff091efe7b - Lookup localzones by taglist from acl. 
git-svn-id: file:///svn/unbound/trunk@3764 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-07 08:36:19 +00:00
Wouter Wijngaards
a2555b39d7 and fixup delete rest of list on parse failure. 
git-svn-id: file:///svn/unbound/trunk@3762 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 15:01:48 +00:00
Wouter Wijngaards
2cc017981b - free acl-tags, acltag-action and acltag-data config lists during 
initialisation to free up memory for more entries.


git-svn-id: file:///svn/unbound/trunk@3761 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 14:57:24 +00:00
Wouter Wijngaards
886a4fb7f1 please lint. 
git-svn-id: file:///svn/unbound/trunk@3760 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 13:52:56 +00:00
Wouter Wijngaards
0e97374466 - access-control-tag-action and access-control-tag-data config 
directives.
- make depend


git-svn-id: file:///svn/unbound/trunk@3759 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 13:47:24 +00:00
Wouter Wijngaards
415fc52b08 - access-control-tag config directive. 
git-svn-id: file:///svn/unbound/trunk@3754 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 08:33:59 +00:00
Wouter Wijngaards
73704e9ed5 - Fix to not ignore return value of chown() in daemon startup. 
git-svn-id: file:///svn/unbound/trunk@3752 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-03 07:38:53 +00:00
Wouter Wijngaards
6137af9c86 please dox. 
git-svn-id: file:///svn/unbound/trunk@3743 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:56:27 +00:00
Wouter Wijngaards
031caba9c0 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: file:///svn/unbound/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
Wouter Wijngaards
40dd2acfd9 - generic edns option parse and store code. 
git-svn-id: file:///svn/unbound/trunk@3740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:08:05 +00:00
Wouter Wijngaards
cffec5e0fe - Fix #770: Small subgroup attack on DH used in unix pipe on localhost 
if unbound control uses a unix local named pipe.


git-svn-id: file:///svn/unbound/trunk@3729 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-27 06:50:49 +00:00
Wouter Wijngaards
fbae76885a - OpenSSL 1.1.0 portability, --disable-dsa configure option. 
git-svn-id: file:///svn/unbound/trunk@3689 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-23 08:19:49 +00:00
Wouter Wijngaards
59fd18e8ce - OPENSSL_config is deprecated, removing. 
git-svn-id: file:///svn/unbound/trunk@3688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-21 11:44:03 +00:00
Wouter Wijngaards
edf80f5e3d - ERR_remove_state deprecated since openssl 1.0.0. 
git-svn-id: file:///svn/unbound/trunk@3687 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-21 11:38:50 +00:00
Wouter Wijngaards
9f8b2bb468 - ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for 
binding to an IP address while the interface or address is down.


git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-15 09:35:48 +00:00
Wouter Wijngaards
6a6cf23179 - Fixup backend2str for libev. 
git-svn-id: file:///svn/unbound/trunk@3660 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-10 14:39:48 +00:00
Willem Toorop
bcfbe0d9c4 User defined pluggable event mechanism (for review) 
git-svn-id: file:///svn/unbound/branches/ub_event@3647 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-07 14:10:06 +00:00
Wouter Wijngaards
7d070c9305 - Fix patch typo in prevuous commit for 734 from Adi Prasaja. 
git-svn-id: file:///svn/unbound/trunk@3614 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-02-08 08:17:00 +00:00
Wouter Wijngaards
733d9f2e3c - Neater cmdline_verbose increment patch from Edgar Pettijohn. 
git-svn-id: file:///svn/unbound/trunk@3613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-29 08:06:51 +00:00
Wouter Wijngaards
cee936b715 Fixup declaration after statement. 
git-svn-id: file:///svn/unbound/trunk@3606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-26 09:00:06 +00:00
Wouter Wijngaards
b3b87e1f4f Fixup ;. 
git-svn-id: file:///svn/unbound/trunk@3605 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-26 08:27:40 +00:00
Wouter Wijngaards
fe0663405e - Fix #734: chown the pidfile if it resides inside the chroot. 
git-svn-id: file:///svn/unbound/trunk@3604 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-26 08:05:04 +00:00
Wouter Wijngaards
9bb637e7a4 - Fix #734: Do not log an error when the PID file cannot be chown'ed. 
Patch from Simon Deziel.


git-svn-id: file:///svn/unbound/trunk@3599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-12 08:04:42 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Wouter Wijngaards
b085b4d31a and also #724 for unbound.exe commandline. 
git-svn-id: file:///svn/unbound/trunk@3559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 09:26:02 +00:00
Wouter Wijngaards
55f5a55f5f But RFC wants empty EDNS in formerr. 
git-svn-id: file:///svn/unbound/trunk@3547 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-20 10:32:18 +00:00
Wouter Wijngaards
2262975cab - Fix that malformed EDNS query gets a response without malformed EDNS. 
git-svn-id: file:///svn/unbound/trunk@3546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-20 09:09:55 +00:00
Wouter Wijngaards
3bdaebf966 Nicer unbound.c for nettle. 
git-svn-id: file:///svn/unbound/trunk@3534 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 10:02:17 +00:00
Wouter Wijngaards
1ebcdeac38 - patch from Doug Hogan for SSL_OP_NO_SSLvx options. 
git-svn-id: file:///svn/unbound/trunk@3525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-29 08:32:58 +00:00
Wouter Wijngaards
725f11e349 - Fix unbound-control flush that does not succeed in removing data. 
git-svn-id: file:///svn/unbound/trunk@3493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-25 12:39:10 +00:00
Wouter Wijngaards
9d9984a187 - Fix deadlock for local data add and zone add when unbound-control 
list_local_data printout is interrupted.


git-svn-id: file:///svn/unbound/trunk@3476 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-24 10:49:28 +00:00
Wouter Wijngaards
a7dcbc4d19 Fix lint. 
git-svn-id: file:///svn/unbound/trunk@3458 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 11:49:35 +00:00
Wouter Wijngaards
cd223885eb And fix reponse generation when reducing the number of threads. 
git-svn-id: file:///svn/unbound/trunk@3457 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 11:44:58 +00:00
Wouter Wijngaards
d889832892 - Fix #690: Reload fails when so-reuseport is yes after changing 
git-svn-id: file:///svn/unbound/trunk@3456 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 07:02:14 +00:00
Wouter Wijngaards
1d7d43f9b5 Fixup #if 
git-svn-id: file:///svn/unbound/trunk@3454 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:37:15 +00:00
Wouter Wijngaards
583b376217 - Fix configure to detect SSL_CTX_set_ecdh_auto. 
git-svn-id: file:///svn/unbound/trunk@3453 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:30:49 +00:00
Wouter Wijngaards
78c8224655 - Enable ECDHE for servers. Where available, use 
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
  enable ECDHE.  Otherwise, manually offer curve p256.
  Client connections should automatically use ECDHE when available.
  (thanks Daniel Kahn Gillmor)


git-svn-id: file:///svn/unbound/trunk@3452 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-20 06:56:01 +00:00
Willem Toorop
fa20564699 SSL_CTX_use_certificate_chain_file() should be used instead of the 
SSL_CTX_use_certificate_file() function in order to allow the use of
complete certificate chains even when no trusted CA storage is used or
when the CA issuing the certificate shall not be added to the trusted
CA storage.

Thanks Daniel Kahn Gillmore


git-svn-id: file:///svn/unbound/trunk@3451 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-18 12:34:37 +00:00
Wouter Wijngaards
f66a15d894 - Fix #681: Setting forwarders with unbound-control forward 
implicitly turns on forward-first.


git-svn-id: file:///svn/unbound/trunk@3447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-09 09:45:08 +00:00
Wouter Wijngaards
cb90782087 - Fix #677 Fix DNAME responses from cache that failed internal chain 
test.


git-svn-id: file:///svn/unbound/trunk@3435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:27:32 +00:00
Wouter Wijngaards
66b8f636cf fix doxygen comment. 
git-svn-id: file:///svn/unbound/trunk@3430 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 09:32:14 +00:00
Wouter Wijngaards
4b0c7880e4 - Fix that unparseable error responses are ratelimited. 
git-svn-id: file:///svn/unbound/trunk@3429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 09:27:42 +00:00
Wouter Wijngaards
69d2fd7818 - Fix#663: ssl handshake fails when using unix socket because dh size 
is too small.


git-svn-id: file:///svn/unbound/trunk@3396 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 13:56:12 +00:00
Wouter Wijngaards
85192d4569 - unbound-control ratelimit_list lists high rate domains. 
git-svn-id: file:///svn/unbound/trunk@3393 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 12:13:59 +00:00