upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-01 20:39:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6945 commits 23 branches 209 tags 124 MiB
Commit graph

58 commits

Author SHA1 Message Date
W.C.A. Wijngaards
e4ca71e85b - Fix zonemd check to allow unsupported algorithms to load. 
If there are only unsupported algorithms, or unsupported schemes,
  and no failed or successful other ZONEMD records, or malformed
  or bad ZONEMD records, the unsupported records allow the zone load.
 2022-04-08 09:29:37 +02:00
W.C.A. Wijngaards
a9de6879b8 Merge branch 'master' into rpz-triggers 2021-08-18 09:53:35 +02:00
W.C.A. Wijngaards
c8c2dfff22 - Fix zonemd verification of key that is not in DNS but in the zone 
and needs a chain of trust.
 2021-08-13 14:43:11 +02:00
W.C.A. Wijngaards
cf0aad9fb6 Merge branch 'master' into rpz-triggers 2021-05-28 15:00:55 +02:00
W.C.A. Wijngaards
ea4f1ee8a6 - zonemd-check: yesno option, default no, enables the processing 
of ZONEMD records for that zone.
 2021-05-27 14:20:53 +02:00
W.C.A. Wijngaards
50dcadd495 - rpz-triggers, for clientip modified answers the rpz SOA is added to the 
additional section with the serial number and name of the rpz zone that
  was applied.
 2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
48e0d3356a zonemd, review comments, spelling fix. 2021-02-12 10:48:38 +01:00
W.C.A. Wijngaards
94ac072f9b zonemd, zonemd-reject-absence config for an auth-zone rejects the zone if 
no ZONEMD is present.
 2020-10-26 15:37:43 +01:00
W.C.A. Wijngaards
c72ca35f08 unbound-control auth_zone_reload sets zone to nonexpired and 
also updates the xfr soa values from the new zonefile contents.
 2020-10-23 11:44:28 +02:00
W.C.A. Wijngaards
54d8473ec6 zonemd, pass module stack as function argument. 2020-10-22 13:31:37 +02:00
W.C.A. Wijngaards
e09873e0c8 zonemd, zonemds are checked at start 2020-10-22 12:10:46 +02:00
W.C.A. Wijngaards
0a238280b9 zonemd, unit test for dnssec verify, implement test. 2020-10-15 12:27:22 +02:00
W.C.A. Wijngaards
22e82765f9 zonemd, dnssec verification routines. 2020-10-14 13:34:50 +02:00
W.C.A. Wijngaards
0af62aba53 zonemd, defines for scheme and algorithm. 2020-10-09 15:14:27 +02:00
W.C.A. Wijngaards
c49a4e60fe zonemd, doxygen comment fix. 2020-10-09 15:05:46 +02:00
W.C.A. Wijngaards
cdf6544b46 zonemd, unit test, succeeds at verifying examples of zonemd draft-12. 2020-10-09 12:18:25 +02:00
W.C.A. Wijngaards
3163a93121 zonemd, loop over zone and canonicalize data, test call in unit test. 2020-10-06 17:07:24 +02:00
Ralph Dolmans
e4eb76a5f3 - Fix RPZ concurrency issue when using auth_zone_reload. 2020-03-26 19:11:57 +01:00
Ralph Dolmans
9ce7045413 - Fix doxygen issue 
- Fix memory leak
 - IANA ports update
 - merge littlehash ASAN changes
 2019-07-16 19:45:49 +02:00
Ralph Dolmans
a8d6147ae4 - Added RPZ response IP support 2019-07-16 18:43:16 +02:00
Ralph Dolmans
186c9e8e82
Merge pull request #5 from NLnetLabs/master 
bring fork up to date
 2019-04-25 14:43:02 +02:00
Wouter Wijngaards
c6369e9ffa - Fix that auth zone fails over to next master for timeout in tcp. 
git-svn-id: file:///svn/unbound/trunk@5155 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 13:41:53 +00:00
Wouter Wijngaards
474afc9016 - Fix that auth zone uses correct network type for sockets for 
SOA serial probes.  This fixes that probes fail because earlier
  probe addresses are unreachable.


git-svn-id: file:///svn/unbound/trunk@5154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 08:00:33 +00:00
Ralph Dolmans
c66e47c372 Initial RPZ commit - now with all files 2019-04-05 17:39:10 +02:00
Wouter Wijngaards
51caffb454 - Fix for #4219: secondaries not updated after serial change, unbound 
falls back to AXFR after IXFR gives several timeout failures.


git-svn-id: file:///svn/unbound/trunk@5052 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-22 15:36:58 +00:00
Wouter Wijngaards
692caffe2c - auth zone zonefiles can be in a chroot, the chroot directory 
components are removed before use.


git-svn-id: file:///svn/unbound/trunk@4972 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-22 15:51:09 +00:00
George Thessalonikefs
0171d06aa2 - #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This 
gives access to reply information for the client's communication
  point when the callback is called before the mesh state (modules).
  Changes to C and Python's inplace_callback signatures were also
  necessary.


git-svn-id: file:///svn/unbound/trunk@4870 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-22 10:51:13 +00:00
George Thessalonikefs
749d1b9ebc - Expose if a query (or a subquery) was ratelimited (not src IP 
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Tidy pylib tests.


git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 14:00:46 +00:00
Wouter Wijngaards
a31d45b13e - Fix that auth-zone master reply with current SOA serial does not 
stop scan of masters for an updated zone.


git-svn-id: file:///svn/unbound/trunk@4755 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-26 13:48:36 +00:00
Wouter Wijngaards
abff4d1237 - unbound-control auth_zone_transfer _zone_ option starts the probe 
sequence for a master to transfer the zone from and transfers when
  a new zone version is available.


git-svn-id: file:///svn/unbound/trunk@4736 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-15 15:01:31 +00:00
Wouter Wijngaards
ea6266f736 - list_auth_zones unbound-control command. 
git-svn-id: file:///svn/unbound/trunk@4650 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 14:42:30 +00:00
Wouter Wijngaards
2e70e3a0d3 - Delete auth zone when removed from config. 
git-svn-id: file:///svn/unbound/trunk@4642 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-20 14:40:07 +00:00
Wouter Wijngaards
1b055c6ca7 - allow-notify: config statement for auth-zones. 
git-svn-id: file:///svn/unbound/trunk@4628 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-17 13:23:35 +00:00
Wouter Wijngaards
4809fe1b95 - auth zone notify work. 
git-svn-id: file:///svn/unbound/trunk@4626 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-16 15:10:30 +00:00
Wouter Wijngaards
2d6715878d - auth zone notify work. 
git-svn-id: file:///svn/unbound/trunk@4625 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-16 14:24:57 +00:00
Wouter Wijngaards
4e5af01354 - Fix memory free on fail for $INCLUDE in authzone. 
- Fix that an internal error to look up the wrong rr type for
  auth zone gets stopped, before trying to send there.
- auth zone notify work.


git-svn-id: file:///svn/unbound/trunk@4623 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-13 13:04:26 +00:00
Wouter Wijngaards
ad9784c5e8 - auth zone notify work. 
git-svn-id: file:///svn/unbound/trunk@4619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-10 14:57:38 +00:00
Wouter Wijngaards
89ad258515 - num.query.authzone.up and num.query.authzone.down statistics counters. 
- Fix downstream auth zone, only fallback when auth zone fails to
  answer and fallback is enabled.


git-svn-id: file:///svn/unbound/trunk@4610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:15:06 +00:00
Wouter Wijngaards
3b87862c8a auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4512 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-06 09:32:41 +00:00
Wouter Wijngaards
ca60143bdf cleanup without losing zone contents, and also backoff for nonresponsive 
masters while zone data is available.


git-svn-id: file:///svn/unbound/trunk@4480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 12:52:40 +00:00
Wouter Wijngaards
c834b5eecd pickup worker events, and free them. 
exponential backoff for continuously failing zones.


git-svn-id: file:///svn/unbound/trunk@4479 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 12:33:19 +00:00
Wouter Wijngaards
fdd1a602d5 fix to please doxygen's parser. 
git-svn-id: file:///svn/unbound/trunk@4470 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 15:51:28 +00:00
Wouter Wijngaards
bea3b6b72d unit test for auth zone lookup 
git-svn-id: file:///svn/unbound/trunk@4469 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 15:44:49 +00:00
Wouter Wijngaards
0362614f94 auth zone, make depend, fallback, create and delete, and lease_time, 
and lock fixes.


git-svn-id: file:///svn/unbound/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 10:35:20 +00:00
Wouter Wijngaards
01eab08c1c fix ixfr and axfr end detection. 
git-svn-id: file:///svn/unbound/trunk@4453 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-26 14:35:53 +00:00
Wouter Wijngaards
5fd83a85e8 authzone transfer functionality 
git-svn-id: file:///svn/unbound/trunk@4452 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-26 14:16:04 +00:00
Wouter Wijngaards
1ed537dc52 lookup and transfer setup 
git-svn-id: file:///svn/unbound/trunk@4417 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-04 16:24:24 +00:00
Wouter Wijngaards
c1e91553b9 auth zone transfer setup. 
git-svn-id: file:///svn/unbound/trunk@4413 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-01 16:04:54 +00:00
Wouter Wijngaards
36a54a9c9d iterate probe over looked up ip4 and ip6 addresses 
git-svn-id: file:///svn/unbound/trunk@4412 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-01 14:20:55 +00:00
Wouter Wijngaards
d88bb99957 - auth zone work. probe hostname lookup. 
git-svn-id: file:///svn/unbound/trunk@4411 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-01 14:02:28 +00:00