upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-15 16:48:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
5440 commits 26 branches 209 tags 136 MiB
Commit graph

5440 commits

This branch
This branch
All branches
Author SHA1 Message Date
W.C.A. Wijngaards
3753d01253 dnstap io, test for client authentication, unbound can send client 
authentication credentials, when configured, and unbound-dnstap-socket can
verify the client credentials, and refuses the connection if missing.
 2020-02-18 16:30:13 +01:00
W.C.A. Wijngaards
9556d59536 dnstap io, test that failed name or auth certificate fails to connect tls. 2020-02-18 14:18:03 +01:00
W.C.A. Wijngaards
184f26355a Fix ifdef of X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS, and 
Merge branch 'master' into framestreams
 2020-02-18 08:33:58 +01:00
W.C.A. Wijngaards
6accd3d681 - protect X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS with ifdef for 
different openssl versions.
 2020-02-18 08:31:38 +01:00
W.C.A. Wijngaards
b4f055effc Merge branch 'master' into framestreams 2020-02-17 15:25:47 +01:00
W.C.A. Wijngaards
85fd23769f - changelog point where the tag for 1.10.0rc2 release is. 2020-02-17 15:24:29 +01:00
Ralph Dolmans
b770699319 typo fix 2020-02-17 13:38:01 +01:00
Ralph Dolmans
fe5370a98a - Add respip to supported module-config options in unbound-checkconf. 2020-02-17 13:36:30 +01:00
George Thessalonikefs
4b354d38c1 - Remove unused variable. 2020-02-17 12:56:20 +01:00
W.C.A. Wijngaards
a9b7638f4b Neater changelog 2020-02-17 10:10:44 +01:00
W.C.A. Wijngaards
42fdfd8121 - contrib/drop2rpz: perl script that converts the Spamhaus DROP-List 
in RPZ-Format, contributed by Andreas Schulze.
 2020-02-17 10:09:46 +01:00
W.C.A. Wijngaards
2106692a89 dnstap io, test TLS with peername and TLS authentication. 2020-02-14 15:44:55 +01:00
W.C.A. Wijngaards
7b19ba3d57 dnstap io, fix spinning reconnect when handshake fails for TLS. 2020-02-14 15:41:17 +01:00
W.C.A. Wijngaards
4d3524f496 dnstap io, test for TLS and reconnect for that. And fix unused parameters 
for dt_create and fix check of socket path when using IP address.
 2020-02-14 14:44:02 +01:00
W.C.A. Wijngaards
7da19e96ce dnstap io, test for TCP and reconnect for that. 2020-02-14 14:16:56 +01:00
W.C.A. Wijngaards
583e8b71e4 Nicer comment text. 2020-02-14 13:54:07 +01:00
W.C.A. Wijngaards
465af58457 dnstap io, fix to compile without ssl. 2020-02-14 13:23:58 +01:00
W.C.A. Wijngaards
748b70ae8b dnstap io, fix clang analysis warning 2020-02-14 10:33:33 +01:00
W.C.A. Wijngaards
6d1b4e050d dnstap io, dnstap tls default is yes, and man page documentation. 2020-02-14 10:01:37 +01:00
W.C.A. Wijngaards
00700bbe13 dnstap io, config entries parse and lex. 2020-02-14 09:40:37 +01:00
W.C.A. Wijngaards
78e6060858 dnstap io, example.conf example, config_file entries for tcp and tls. 2020-02-14 09:03:09 +01:00
W.C.A. Wijngaards
2665ae0414 - Stop unbound-checkconf from insisting that auth-zone and rpz 
zonefiles have to exist.  They can not exist, and download later.
 2020-02-14 07:57:57 +01:00
W.C.A. Wijngaards
77bdbc6e98 - Fix spelling in unbound.conf.5.in. 2020-02-14 07:54:49 +01:00
W.C.A. Wijngaards
76772fe786 dnstap io, check peer verification in unbound-dnstap-socket tap_handshake. 2020-02-12 16:49:18 +01:00
W.C.A. Wijngaards
5714260953 dnstap io, move peer check into routine. 2020-02-12 15:34:56 +01:00
W.C.A. Wijngaards
25a88d6d54 dnstap io, check peer verification in dtstream dtio_ssl_handshake. 2020-02-12 15:23:58 +01:00
W.C.A. Wijngaards
0f0bb21a89 Merge branch 'master' into framestreams 2020-02-12 12:53:12 +01:00
W.C.A. Wijngaards
00d622bed7 - updated version number to 1.10.0. 2020-02-12 12:51:35 +01:00
W.C.A. Wijngaards
e5e72eb398 Merge branch 'master' into framestreams 2020-02-12 11:58:01 +01:00
W.C.A. Wijngaards
9e193be648 - Fix compile warning when threads disabled. 2020-02-12 11:55:02 +01:00
W.C.A. Wijngaards
7dcfe531e4 - Fix to clean memory leak of respip_addr.lock when ip_tree deleted. 2020-02-12 11:49:26 +01:00
W.C.A. Wijngaards
e965775064 - Fix contrib/fastrpz.patch to apply cleanly. Fix for serve-stale 
fixes, but it does not compile, conflicts with new rpz code.
 2020-02-12 11:29:55 +01:00
W.C.A. Wijngaards
6e13c6f401 - Fix contrib/fastrpz.patch to apply cleanly. 2020-02-12 11:24:59 +01:00
W.C.A. Wijngaards
2916cfb3b0 - Fix with libnettle make test with dsa disabled. 2020-02-12 11:15:24 +01:00
George Thessalonikefs
da2bda6f4d - Clean debug comments. 2020-02-10 15:54:41 +01:00
George Thessalonikefs
adda4f6ace - Fix use after free on log-identity after a reload; Fixes #163. 2020-02-10 13:56:22 +01:00
George Thessalonikefs
c316b1d7d5 - Document 'ub_result.was_ratelimited' in libunbound. 2020-02-10 10:31:47 +01:00
W.C.A. Wijngaards
aee3706f66 - Fix to put braces around empty if body when threading is disabled. 2020-02-06 15:33:02 +01:00
George Thessalonikefs
8e135d5f59 - Document in unbound.conf manpage that configuration clauses can be repeated in the configuration file. 2020-02-06 14:39:58 +01:00
George Thessalonikefs
5d6358b66d - Cleaner code for mesh_serve_expired_lookup. 2020-02-06 14:38:01 +01:00
W.C.A. Wijngaards
4089147351 - Fix to lock and release once in mesh_serve_expired_lookup. 2020-02-06 14:01:45 +01:00
W.C.A. Wijngaards
18ea62e369 - Fix to lock zone before adding rpz qname trigger. 2020-02-06 12:22:15 +01:00
W.C.A. Wijngaards
d000523b00 - Fix to create and destroy rpz_lock in auth_zones structure. 2020-02-06 11:51:17 +01:00
George Thessalonikefs
0758d29324 - Fix num_reply_states and num_detached_states counting with 
serve_expired_callback.
 2020-02-06 11:44:48 +01:00
W.C.A. Wijngaards
af7abd4dfd - Fix num_reply_addr counting in mesh and tcp drop due to size 
after serve_stale commit.
 2020-02-06 11:09:30 +01:00
W.C.A. Wijngaards
7e061e4d5f Fix test to check if server up afterwards 2020-02-06 10:25:47 +01:00
W.C.A. Wijngaards
ad180402ea dnstap io, set tls auth name in outgoing ssl 2020-02-05 16:17:21 +01:00
W.C.A. Wijngaards
812d8f71e8 dnstap io, ssl write. 2020-02-05 15:04:04 +01:00
W.C.A. Wijngaards
58fdcf06e8 Merge branch 'master' into framestreams 2020-02-05 14:25:47 +01:00
gthess
f7fe95ad7b
Serve stale (#159) 
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
 2020-02-05 14:20:27 +01:00