upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-26 01:29:58 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6724 commits 23 branches 209 tags 124 MiB
Commit graph

220 commits

Author SHA1 Message Date
Tom Carpay
3ebfa9fc97 Outgoing module options go to opt_list_modules_out 
And opt_list_modules_out is reset in case of failure
BEWARE! No options from modules will be encoded in the responses now!
 2021-10-27 14:01:56 +00:00
Tom Carpay
3e6eeb504d Modules have their own outgoing ends options list 
But nothing happens with it yet
 2021-10-27 13:48:49 +00:00
W.C.A. Wijngaards
a9de6879b8 Merge branch 'master' into rpz-triggers 2021-08-18 09:53:35 +02:00
W.C.A. Wijngaards
d0cc58be3d - Fix to support harden-algo-downgrade for ZONEMD dnssec checks. 2021-08-16 16:14:32 +02:00
W.C.A. Wijngaards
4034c009bb - zonemd, fix order of bogus printout string manipulation. 2021-08-13 15:24:53 +02:00
W.C.A. Wijngaards
c8c2dfff22 - Fix zonemd verification of key that is not in DNS but in the zone 
and needs a chain of trust.
 2021-08-13 14:43:11 +02:00
W.C.A. Wijngaards
f232562430 Merge branch 'master' into rpz-triggers 2021-08-05 13:37:22 +02:00
George Thessalonikefs
ca4d68c64c - Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. 2021-07-16 14:32:18 +02:00
W.C.A. Wijngaards
8e5c3f51a2 - Fix auth zone download on windows to unlink before rename. 2021-06-25 15:31:33 +02:00
W.C.A. Wijngaards
79209823ac - Fix a number of warnings reported by the gcc analyzer. 2021-06-18 18:12:26 +02:00
W.C.A. Wijngaards
cf0aad9fb6 Merge branch 'master' into rpz-triggers 2021-05-28 15:00:55 +02:00
W.C.A. Wijngaards
ea4f1ee8a6 - zonemd-check: yesno option, default no, enables the processing 
of ZONEMD records for that zone.
 2021-05-27 14:20:53 +02:00
W.C.A. Wijngaards
e5cb48c432 Merge branch 'master' into rpz-triggers 2021-05-21 14:09:30 +02:00
George Thessalonikefs
ff6b527184 - Fix for #411, #439, #469: Reset the DNS message ID when moving queries 
between TCP streams.
- Refactor for uniform way to produce random DNS message IDs.
 2021-05-19 15:07:32 +02:00
W.C.A. Wijngaards
355526da7d - rpz-triggers, the added soa for client ip modified answers is affected 
by the minimal-responses config option.
 2021-05-14 16:34:38 +02:00
W.C.A. Wijngaards
50dcadd495 - rpz-triggers, for clientip modified answers the rpz SOA is added to the 
additional section with the serial number and name of the rpz zone that
  was applied.
 2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
39a557833d - Fix for zonemd, do not reject insecure result from trust anchor 
validation step in dnssec chain of trust.
 2021-02-23 17:09:40 +01:00
W.C.A. Wijngaards
c802298fca - Fix for zonemd, that domain-insecure zones work without dnssec. 2021-02-23 17:03:23 +01:00
W.C.A. Wijngaards
131d38f8f2 - Fix for zonemd, that nxdomain for the chain of trust is allowed 
for island zones, it is treates as an insecure zone for verification.
 2021-02-22 17:32:40 +01:00
W.C.A. Wijngaards
b7ffa6618c zonemd, review comments, fix no anchor lookup if none. 2021-02-12 09:16:22 +01:00
W.C.A. Wijngaards
8490508559 zonemd, review comments, stop null dnskey, skip dnssec for insecure islands. 2021-02-12 08:33:03 +01:00
W.C.A. Wijngaards
6965cef5e8 zonemd, review comments, check qname for zonemd dnskey lookup. 2021-02-11 17:33:10 +01:00
W.C.A. Wijngaards
e0f17c2443 zonemd, review comments, stop callback for a deleted zone. 2021-02-11 17:27:59 +01:00
W.C.A. Wijngaards
d3b6e1679c zonemd, review comments, indentation. 2021-02-11 16:05:28 +01:00
W.C.A. Wijngaards
9a972aa5b2 zonemd, review comments, compare list size for rrsigtype add. 2021-02-10 16:38:39 +01:00
W.C.A. Wijngaards
12171e3124 zonemd, review comments, compare list size correctly. 2021-02-10 16:34:24 +01:00
W.C.A. Wijngaards
3d2692d6bc zonemd, review comments, add comments to unit test, scope verbose output. 2021-02-10 15:30:23 +01:00
W.C.A. Wijngaards
b7a633fdc0 Merge branch 'master' into zonemd 2021-02-04 16:08:11 +01:00
Willem Toorop
b7864b0c48 Merge branch 'master' into features/padding 2021-01-22 15:13:01 +01:00
W.C.A. Wijngaards
20ff80c5bb zonemd, fix to detect duplicate zonemd scheme and algo RRs. 2021-01-22 14:36:53 +01:00
Willem Toorop
48ecf95108 Merge branch 'master' into features/padding 2021-01-22 10:29:50 +01:00
George Thessalonikefs
9056613a79 - Fix TTL of SOA record for negative answers (localzone data and 
authzone) to be the minimum of the SOA TTL and the SOA.MINIMUM.
 2021-01-19 15:55:55 +01:00
W.C.A. Wijngaards
3e03e2c26d - For #391: use struct timeval* start_time for callback information. 2021-01-08 09:47:46 +01:00
Frank Riley
e3abd772f7 Add start_time to reply callbacks so modules can compute the response time. 2021-01-01 15:44:21 -07:00
George Thessalonikefs
08968baec1 - Fix error cases when udp-connect is set and send() returns an error 
(modified patch from Xin Li @delphij).
 2020-12-16 17:11:41 +01:00
W.C.A. Wijngaards
3ab188ea21 zonemd, please doxygen 
zonemd, fix clang analyzer warning about null nsec3 salt pointer access.
 2020-10-29 08:40:22 +01:00
W.C.A. Wijngaards
94ac072f9b zonemd, zonemd-reject-absence config for an auth-zone rejects the zone if 
no ZONEMD is present.
 2020-10-26 15:37:43 +01:00
W.C.A. Wijngaards
165b048e07 zonemd, zonemd-permissive-mode: yes logs the failure but does not block 
the zone after a ZONEMD verification failure.
 2020-10-23 14:33:04 +02:00
W.C.A. Wijngaards
c72ca35f08 unbound-control auth_zone_reload sets zone to nonexpired and 
also updates the xfr soa values from the new zonefile contents.
 2020-10-23 11:44:28 +02:00
W.C.A. Wijngaards
40e713e121 zonemd, unlock xfr lock for auth zone verify of zonemd for mesh new callback. 2020-10-23 10:14:21 +02:00
W.C.A. Wijngaards
1cb7d5a194 zonemd, unit test for auth zone zonemd axfr 
zonemd, zonemds are checked after zone transfer.
 2020-10-23 09:12:51 +02:00
W.C.A. Wijngaards
54d8473ec6 zonemd, pass module stack as function argument. 2020-10-22 13:31:37 +02:00
W.C.A. Wijngaards
6ea1ae17f7 zonemd, fix to harden against failure in pickup zonemd lookups. 2020-10-22 13:20:00 +02:00
W.C.A. Wijngaards
e09873e0c8 zonemd, zonemds are checked at start 2020-10-22 12:10:46 +02:00
W.C.A. Wijngaards
4ba45c34ed zonemd, result of dnssec failures includes rrset and dnssec bogus reason. 2020-10-21 16:18:28 +02:00
W.C.A. Wijngaards
7ac4eb229d zonemd, unit tests for verifying DNSKEY with trust anchor failures. 2020-10-21 15:58:47 +02:00
W.C.A. Wijngaards
1245457967 zonemd, fix that zonemd absence in unsigned zone does not invalidate zone. 2020-10-21 11:56:41 +02:00
W.C.A. Wijngaards
e8d29f973d zonemd, fix that dnssec denial does not invalidate zone. 
zonemd, unit test of nsec and nsec3 denial.
 2020-10-21 11:51:30 +02:00
W.C.A. Wijngaards
f675077502 zonemd, unit test improved debug output and unit test dnssec verify zonemd 2020-10-20 16:49:49 +02:00
W.C.A. Wijngaards
0a238280b9 zonemd, unit test for dnssec verify, implement test. 2020-10-15 12:27:22 +02:00