upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-09 08:12:54 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
7548 commits 23 branches 209 tags 126 MiB
Commit graph

939 commits

Author SHA1 Message Date
W.C.A. Wijngaards
be626f7c53 - Fix edns subnet replies for scope zero answers to not get stored 
in the global cache, and in cachedb, when the upstream replies
  without an EDNS record.
 2024-03-04 13:20:13 +01:00
W.C.A. Wijngaards
56a2b564ef Merge commit '92f2a1ca690a44880f4c4fa70a4b5a4b029aaf1c' 2024-02-13 13:58:09 +01:00
W.C.A. Wijngaards
9a00877af9 Merge commit '882903f2fa800c4cb6f5e225b728e2887bb7b9ae' 2024-02-13 13:57:56 +01:00
W.C.A. Wijngaards
92f2a1ca69 - Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU. 2024-02-13 13:02:43 +01:00
W.C.A. Wijngaards
882903f2fa - Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to 
exhaust CPU resources and stall DNS resolvers.
 2024-02-13 13:02:08 +01:00
Yorgos Thessalonikefs
3522451600 - Update message TTL when using cached RRSETs. It could result in 
non-expired messages with expired RRSETs (non-usable messages by
  Unbound).
 2024-01-23 10:10:37 +01:00
W.C.A. Wijngaards
418eeb642c - Fix unit test for #987 change in udp1xxx retry packet send. 2024-01-05 14:11:55 +01:00
W.C.A. Wijngaards
4ef1fb5a24 - Fix root_zonemd unit test, it checks that the root ZONEMD verifies, 
now that the root has a valid ZONEMD.
 2023-12-08 17:15:35 +01:00
Yorgos Thessalonikefs
be6fd80a1c - Merge PR #973: Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672. 2023-12-08 09:23:26 +01:00
Philip Homburg
0cfc6e6d95 Fixed some syntax errors in rpl files. 2023-12-07 11:38:01 +01:00
Yorgos Thessalonikefs
8517f49745 - Use the origin (DNAME) TTL for syntesized CNAMEs as per RFC 6672. 2023-12-06 23:40:01 +01:00
W.C.A. Wijngaards
6c76b4e2f8 - Fix tests to use new common.sh functions, wait_logfile and 
kill_from_pidfile.
 2023-12-06 16:32:06 +01:00
W.C.A. Wijngaards
c91bd60051 - Update test script file common.sh. 2023-12-06 16:14:24 +01:00
W.C.A. Wijngaards
5997355e22 - Fix to sync the tests script file common.sh. 2023-12-06 11:58:14 +01:00
Yorgos Thessalonikefs
ca88669435 - Replace the obsolescent fgrep with grep -F in tests. 2023-11-24 15:51:17 +01:00
Yorgos Thessalonikefs
15a9b0f2be - Use 127.0.0.1 explicitly in tests to avoid delays and errors on newer 
systems.
 2023-11-24 15:34:25 +01:00
Wouter Wijngaards
3f66230874
Merge pull request #951 from NLnetLabs/cachedb-no-store 
Cachedb no store
 2023-10-20 17:00:13 +02:00
George Thessalonikefs
44c3d4d2dc - Changelog entry for: 
Merge #955 from buevsan: fix ipset wrong behavior.
- Update testdata/ipset.tdir test for ipset fix.
 2023-10-18 15:11:38 +02:00
George Thessalonikefs
2f0b11673a - Update the dns64_lookup.rpl test for the DNS64 fallback patch. 2023-10-18 12:59:54 +02:00
W.C.A. Wijngaards
0f78bea4a3 - Fix #954: Inconsistent RPZ handling for A record returned along with 
CNAME.
 2023-10-17 16:47:04 +02:00
George Thessalonikefs
4b627bd29e - Update pymod tests for the new Python script variable. 2023-10-16 16:32:09 +02:00
Wouter Wijngaards
dbd2a43ab1
Apply suggestions from code review 
Co-authored-by: Yorgos Thessalonikefs <george@nlnetlabs.nl>
 2023-10-13 13:46:52 +02:00
W.C.A. Wijngaards
18ebe165ba Merge branch 'master' into cachedb-no-store 2023-10-12 14:51:12 +02:00
Wouter Wijngaards
5c6c57ed89
Merge pull request #944 from NLnetLabs/disable-edns-do 
Disable EDNS DO
 2023-10-12 14:04:29 +02:00
W.C.A. Wijngaards
47094fd83f Merge branch 'master' into cachedb-no-store 2023-10-11 13:51:34 +02:00
W.C.A. Wijngaards
935bc162e1 - cachedb-no-store, unit test cachedb_no_store.tdir. 2023-10-11 12:01:55 +02:00
W.C.A. Wijngaards
6d0812b567 - Fix edns subnet so that queries with a source prefix of zero cause 
the recursor send no edns subnet option to the upstream.
 2023-10-09 12:21:22 +02:00
W.C.A. Wijngaards
1e85749e6e Merge branch 'master' into disable-edns-do 2023-10-05 15:57:41 +02:00
W.C.A. Wijngaards
b865aca03a - Fix #946: Forwarder returns servfail on upstream response noerror no 
data.
 2023-10-04 18:16:22 +02:00
W.C.A. Wijngaards
39df4f0923 - disable-edns-do, queriers receive no EDNS in response if the 
disable-edns-do option is enabled and they set the DO flag. And unit test
  for that.
 2023-10-04 13:54:05 +02:00
W.C.A. Wijngaards
eff3e01ec3 Merge branch 'master' into disable-edns-do 2023-10-04 13:34:47 +02:00
W.C.A. Wijngaards
0102360e92 root-zonemd-test, add test for ZONEMD usage from the root zone, 
currently with the unsupported algorithm.
 2023-09-29 16:03:08 +02:00
W.C.A. Wijngaards
4e5b0b7eec - disable-edns-do, unit test checks lookup without EDNS DO flag. 2023-09-22 11:39:39 +02:00
W.C.A. Wijngaards
bd5dc855af - Fix rpz tcp-only action with rpz triggers nsdname and nsip. 2023-09-18 09:55:39 +02:00
W.C.A. Wijngaards
33784e612a - Fix to set ede match in unit test for rr length removal. 2023-09-07 14:58:51 +02:00
W.C.A. Wijngaards
fdd5f8ff83 - Fix to add EDE text when RRs have been removed due to length. 2023-09-07 14:44:48 +02:00
W.C.A. Wijngaards
63616a5fce - Fix to move msgparse_rrset_remove_rr code to util/msgparse.c. 2023-09-07 11:29:53 +02:00
W.C.A. Wijngaards
dfc00271d1 - Fix to scrub resource records of type A and AAAA that have an 
inappropriate size. They are removed from responses.
 2023-09-07 11:08:04 +02:00
W.C.A. Wijngaards
10843805ac - Fix #927: unbound 1.18.0 make test error. Fix make test without SHA1. 2023-08-31 13:54:03 +02:00
W.C.A. Wijngaards
6e43145382 - Fix unit test for unbound-control to work when threads are disabled, 
and fix cache dump check.
 2023-08-21 16:58:10 +02:00
W.C.A. Wijngaards
be53e37b15 - Fix #923: processQueryResponse() THROWAWAY should be mindful of 
fail_reply.
 2023-08-21 14:32:13 +02:00
W.C.A. Wijngaards
083770cb39 - Fix stat_values test to work with dig that enables DNS cookies. 2023-08-18 13:39:27 +02:00
W.C.A. Wijngaards
5f423906de - Fix ip_ratelimit test to work with dig that enables DNS cookies. 2023-08-17 15:43:14 +02:00
George Thessalonikefs
bab5ad623c - For #762: Introduce stat counters for downstream DNS Cookies per 
thread and total: num.queries_cookie_valid, num.queries_cookie_client,
  num.queries.cookie_invalid.
 2023-08-08 15:19:56 +02:00
George Thessalonikefs
49e4258102 - For #762: Interaction between DNS Cookies and source IP ratelimiting 
by allowing Cookies to bypass the ratelimit, but still allowing
  ratelimit to valid DNS Cookie clients via the new
  ip-ratelimit-cookie option.
 2023-08-08 10:14:03 +02:00
George Thessalonikefs
4ccb613396 Merge branch 'master' into features/downstream-cookies 2023-08-05 20:37:48 +02:00
George Thessalonikefs
fbc0256825 - For #762: Cleaner manpage text and uniform use of the term DNS 
Cookies.
 2023-08-05 20:00:37 +02:00
George Thessalonikefs
8580a74b37 - For #762: Introduce rpl testing for DNS Cookies. 2023-08-05 19:50:57 +02:00
George Thessalonikefs
00a08beee9 - For #762: Ignore util/siphash.c for the 01-doc test. 2023-08-01 17:40:49 +02:00
George Thessalonikefs
2cc9563cf8 - Fix to use the now cached EDE, if any, for CD_bit queries. 2023-08-01 15:23:25 +02:00