upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
8029 commits 23 branches 209 tags 123 MiB
Commit graph

4913 commits

Author SHA1 Message Date
W.C.A. Wijngaards
4f12148af4 - Fix redis cachedb module gettimeofday init failure. 
Changelog note for the fix.
 2025-07-28 09:33:42 +02:00
W.C.A. Wijngaards
da9ab59e10 - Redis checks for server down and throttles reconnects. 
And unit test for redis reconnect interval.
 2025-07-24 11:06:00 +02:00
W.C.A. Wijngaards
910288c0d1 - iana portlist updated. 2025-07-17 14:50:29 +02:00
W.C.A. Wijngaards
b6e52c0a52 - Fix #1303: [FR] Disable TLSv1.2. 2025-07-17 14:50:13 +02:00
W.C.A. Wijngaards
b58af78b63 - Fix to not set rlimits in the unit tests. 2025-07-17 11:40:31 +02:00
W.C.A. Wijngaards
a1150078f2 - Add unit tests for non-ecs aggregation. 2025-07-16 11:46:04 +02:00
W.C.A. Wijngaards
f49e6ccecd - Fix for RebirthDay Attack CVE-2025-5994, reported by Xiang Li 
from AOSP Lab Nankai University.
- Tag for 1.23.1 with the release of 1.23.0 and the CVE fix, the
  repository continues with the previous fixes, with 1.23.2.
 2025-07-16 11:40:32 +02:00
Yorgos Thessalonikefs
dd3ac53ff1 - For #1289: add num.valops in the unbound-control man page. 2025-07-12 17:35:16 +02:00
Yorgos Thessalonikefs
1a6052fcac - For #1289: test num.valops in existing stat_values.tdir. 2025-07-12 17:33:43 +02:00
Yorgos Thessalonikefs
6689f0b4da Changelog entry for #1289: 
- Merge #1289 from Roland van Rijswijk-Deij: Add extra statistic to
  track the number of signature validation operations.
  Adds 'num.valops' to extended statistics.
 2025-07-12 16:35:02 +02:00
W.C.A. Wijngaards
b4e12030e7 - For #1301: configure cant find SSL_is_quic in OpenSSL 3.5.1. 2025-07-11 15:58:50 +02:00
W.C.A. Wijngaards
9fe92d1119 - Fix detection of SSL_CTX_set_tmp_ecdh function. 2025-07-11 15:47:59 +02:00
W.C.A. Wijngaards
6ba2d6840b - Fix to improve dnstap discovery on Fedora. 2025-07-08 09:29:27 +02:00
W.C.A. Wijngaards
1de9d6ec66 - Fix layout of comm_point_udp_ancil_callback. 2025-07-03 15:57:49 +02:00
W.C.A. Wijngaards
cb919d5126 - For #1300: implement sock-queue-timeout for FreeBSD as well. 2025-07-03 15:54:33 +02:00
W.C.A. Wijngaards
444c839474 - Fix #1300: Is 'sock-queue-timeout' a linux only feature. 2025-07-03 14:10:46 +02:00
W.C.A. Wijngaards
0276bcbceb Changelog note for #1299 
- Generate ltmain.sh and configure again.
 2025-07-02 10:57:23 +02:00
Jose Luis Duran
41c55ffac1
Fix typos (#1299) 2025-07-02 10:50:49 +02:00
Yorgos Thessalonikefs
4200d23882 - For #1247, replay test (added tcp_transport to 
outnet_serviced_query).
 2025-06-25 14:02:47 +02:00
Yorgos Thessalonikefs
e2814fe165 - For #1247, turn off fetch-policy for delegation when looking into 
parent side name servers that may not update the addresses and hit
  NXNS limits.
 2025-06-25 13:59:17 +02:00
Yorgos Thessalonikefs
ca153f4657 - Fix #1247: forward-first: ssl handshake failed on root nameservers. 2025-06-25 13:56:50 +02:00
Yorgos Thessalonikefs
ee607c0f72 Changelog entry for #1293: 
- Fix #1293: EDE 6 is attached to insecure cached answers when client
  sends the CD bit.
 2025-06-20 14:11:22 +02:00
W.C.A. Wijngaards
ce72770f61 - Fix rrset cache create allocation failure case. 2025-06-19 16:27:13 +02:00
W.C.A. Wijngaards
de93a636da Changelog note for #1297 
- Merge #1297: edns-subnet: fix NULL_AFTER_DEREF on subnetmod.
 2025-06-19 16:24:54 +02:00
W.C.A. Wijngaards
a1d68cdc96 - Fix #1296: DNS over QUIC depends on a very outdated version of 
ngtcp2. Fixed so it works with ngtcp2 1.13.0 and OpenSSL 3.5.0.
 2025-06-19 14:39:45 +02:00
Yorgos Thessalonikefs
9201c75013 - Fix for consistent use of local zone CNAME alias for configured auth 
zones. Now it also applies to downstream configured auth zones.
 2025-06-17 15:03:29 +02:00
W.C.A. Wijngaards
f066d6d453 - Fix #1295: Windows 32-bit binaries download seems to be missing dll 
dependency.
 2025-06-16 14:26:54 +02:00
W.C.A. Wijngaards
a04bd5da29 - Fix to check control-interface addresses in unbound-checkconf. 2025-06-16 12:43:31 +02:00
W.C.A. Wijngaards
e4cf7aeccf - Fix header return value description for skip_pkt_rrs and 
parse_edns_from_query_pkt.
 2025-06-12 12:17:01 +02:00
W.C.A. Wijngaards
a8aa1dbbe1 - Fix conditional expressions with parentheses for bitwise and. 2025-06-11 16:42:43 +02:00
W.C.A. Wijngaards
9f29292839 - Fix bitwise operators in conditional expressions with parentheses. 2025-06-11 15:46:31 +02:00
W.C.A. Wijngaards
1cc1e0b89e - iana portlist updated. 2025-06-05 11:11:56 +02:00
W.C.A. Wijngaards
565bce670c - Fix comment for the dname_remove_label_limit_len function. 2025-06-05 11:11:32 +02:00
W.C.A. Wijngaards
c0563f43b0 - Fix unbound-anchor certificate file read for line ends and end of 
file.
 2025-06-05 11:09:53 +02:00
Yorgos Thessalonikefs
81f3de4da2 - Small man page corrections for the 'disable-dnssec-lame-check' option. 2025-06-03 14:12:27 +02:00
W.C.A. Wijngaards
ff7dfd52a2 - Fix #1288: [FR] Improve fuzzing of unbound by adapting the netbound 
program.
 2025-05-21 12:41:54 +02:00
Yorgos Thessalonikefs
342a0f48e3 - Add more checks about respip in unbound-checkconf. 
Also fixes #310: unbound-checkconf not reporting RPZ configuration
  error.
 2025-05-20 16:21:02 +02:00
Yorgos Thessalonikefs
71ac59e6f4 Changelog entry for #1285: 
- Merge #1285:  RST man pages.
 2025-05-20 12:23:32 +02:00
W.C.A. Wijngaards
32644937b0 - Fix for cname chain length with qtype ANY and qname minimisation. 
Thanks to Jim Greenwood from Nominet for the report.
 2025-05-19 13:17:21 +02:00
W.C.A. Wijngaards
1634beb4a0 - Fix config of slab values when there is no config file. 2025-05-15 14:34:18 +02:00
W.C.A. Wijngaards
1ef7b4a246 - Adjusted so-sndbuf default to 4m. 2025-05-13 15:31:05 +02:00
W.C.A. Wijngaards
03772d10fb - Change default for so-sndbuf to 1m, to mitigate a cross-layer 
issue where the UDP socket send buffers are exhausted waiting
  for ARP/NDP resolution. Thanks to Reflyable for the report.
 2025-05-13 15:04:32 +02:00
Yorgos Thessalonikefs
9152c914af - Fix #1282: log-destaddr fail on long ipv6 addresses. 2025-05-13 11:02:58 +02:00
Yorgos Thessalonikefs
a35ac5d82e - Fix #1284: NULL pointer deref in az_find_nsec_cover() (latent bug) 
by adding a log_assert() to safeguard future development.
 2025-05-13 11:00:23 +02:00
W.C.A. Wijngaards
21e3278400 - Fix #1283: Unsafe usage of atoi() while parsing the configuration 
file.
 2025-05-12 14:57:42 +02:00
Yorgos Thessalonikefs
8e1deede08 Changelog entry for #1280: 
- Merge #1280: Fix auth nsec3 code. Fixes NSEC3 code to not break on
  broken auth zones that include unsigned out of zone (above apex)
  data. Could lead to hang while trying to prove a wildcard answer.
 2025-05-12 14:29:11 +02:00
W.C.A. Wijngaards
8190526250 - Fix #1281: forward-zone "name: ." conflicts with auth-zone "name: ." 
in 1.23.0, but worked in 1.22.0.
 2025-05-09 16:01:41 +02:00
Yorgos Thessalonikefs
5dd14e2644 - Sync unbound and unbound-checkconf log output for unknown modules. 2025-05-05 14:47:12 +02:00
Yorgos Thessalonikefs
b50faccb1d Changelog entry for #1276: 
- Merge #1276: Auto-configure '-slabs' values.
 2025-04-29 15:23:07 +02:00
W.C.A. Wijngaards
a904a3a2c2 - Fix dnstap to use protoc. 2025-04-29 12:43:56 +02:00