upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-24 00:29:58 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
3699 commits 23 branches 209 tags 123 MiB
Commit graph

388 commits

Author SHA1 Message Date
Wouter Wijngaards
f82a0847eb - max sent count. EDNS1480 only for rtt < 5000. No promiscuous 
fetch if sentcount > 3, stop query if sentcount > 16.  Count is
reset when referral or CNAME happens.  This makes unbound better
at managing large NS sets, they are explored when there is continued
interest (in the form of queries).


git-svn-id: file:///svn/unbound/trunk@2499 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:11:12 +00:00
Wouter Wijngaards
af93d6033c revert earlier commit. 
git-svn-id: file:///svn/unbound/trunk@2488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-12 11:28:14 +00:00
Wouter Wijngaards
46eeced066 - Fix operation in ipv6 only (do-ip4: no) mode. 
git-svn-id: file:///svn/unbound/trunk@2487 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-07 14:34:10 +00:00
Wouter Wijngaards
d56aef7b33 - Fix validation failures due to EDNS backoff retries, the retry 
for fetch of data has want_dnssec because the iter_indicate_dnssec
         function returns true when validation failure retry happens, and
         then the serviced query code does not fallback to noEDNS, even if
         the cache says it has this.  This helps for DLV deployment when
         the DNSSEC status is not known for sure before the lookup concludes.


git-svn-id: file:///svn/unbound/trunk@2483 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-26 09:00:43 +00:00
Wouter Wijngaards
d265c02f69 - Fix that internally, CNAMEs with NXDOMAIN have that as rcode. 
git-svn-id: file:///svn/unbound/trunk@2478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 12:11:54 +00:00
Wouter Wijngaards
17e5bba504 Fix validation of qtype ANY responses with CNAMEs (thanks Cathy Zhang and Luo Ce). 
git-svn-id: file:///svn/unbound/trunk@2477 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 12:02:50 +00:00
Wouter Wijngaards
608f82a1cd IPv6 service address for d.root-servers.net (2001:500:2D::D) 
git-svn-id: file:///svn/unbound/trunk@2426 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-12 09:51:00 +00:00
Wouter Wijngaards
eed924d7be - Fix remove private address does not throw away entire response. 
git-svn-id: file:///svn/unbound/trunk@2386 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-28 16:11:49 +00:00
Wouter Wijngaards
790cb51775 - Fix prefetch so it does not get stuck on old server for moved names. 
git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-13 10:13:01 +00:00
Wouter Wijngaards
4a746142cf - Fix insecure CNAME sequence marked as secure, reported by Bert Hubert. 
git-svn-id: file:///svn/unbound/trunk@2369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-11 12:32:29 +00:00
Wouter Wijngaards
a72fe210ca remove lost and backoff values. 
git-svn-id: file:///svn/unbound/trunk@2309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 13:30:37 +00:00
Wouter Wijngaards
2bdb094f7b - Fix bug where fallback_tcp causes wrong roundtrip and edns 
observation to be noted in cache.  Fix bug where EDNSprobe halted
  exponential backoff if EDNS status unknown.
- new unresponsive host method, exponentially increasing block backoff.
- iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2303 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-21 15:11:39 +00:00
Wouter Wijngaards
e238b47b0a Fix for request list growth. 
git-svn-id: file:///svn/unbound/trunk@2298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-19 14:53:29 +00:00
Wouter Wijngaards
46345c0809 - Fix bug when DLV below a trust-anchor that uses NSEC3 optout where 
the zone has a secure delegation hosted on the same server did not
         verify as secure (it was insecure by mistake).


git-svn-id: file:///svn/unbound/trunk@2275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:21:19 +00:00
Wouter Wijngaards
95db04a64c - bug#327: Fix for cannot access stub zones until the root is primed. 
git-svn-id: file:///svn/unbound/trunk@2228 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-13 09:25:52 +00:00
Wouter Wijngaards
f26b55ea7e fixup yesterdays fix 
git-svn-id: file:///svn/unbound/trunk@2227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-10 11:16:12 +00:00
Wouter Wijngaards
8ec31ebbcc - unresponsive servers are not completely blacklisted (because of 
firewalls), but also not probed all the time (because of the request
            list size it generates).  The probe rate is 1%.


git-svn-id: file:///svn/unbound/trunk@2225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-09 14:56:51 +00:00
Wouter Wijngaards
9d66b48885 - openbsd-lint fixes: acl_list_get_mem used if debug-alloc enabled. 
iterator get_mem includes priv_get_mem.  delegpt nodup removed.
  listen_pushback, query_info_allocqname, write_socket, send_packet,
  comm_point_set_cb_arg and listen_resume removed.


git-svn-id: file:///svn/unbound/trunk@2222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-20 13:30:41 +00:00
Wouter Wijngaards
89845bca03 - Fix bug#321: resolution of rs.ripe.net artifacts with 0x20. 
Delegpt structures checked for duplicates always.
         No more nameserver lookups generated when depth is full anyway.


git-svn-id: file:///svn/unbound/trunk@2219 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-19 13:00:21 +00:00
Wouter Wijngaards
40f8fe2815 add and fix doxygen comments for doxygen-1.7.1. (which reports lots of 
spurious items as well, by the way).


git-svn-id: file:///svn/unbound/trunk@2211 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-13 08:41:49 +00:00
Wouter Wijngaards
b701d70147 - Return NXDOMAIN after chain of CNAMEs ends at name-not-found. 
git-svn-id: file:///svn/unbound/trunk@2208 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-05 14:31:52 +00:00
Wouter Wijngaards
f042f0dd5d - Neat function prototypes, unshadowed local declarations. 
git-svn-id: file:///svn/unbound/trunk@2188 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-07 13:13:36 +00:00
Wouter Wijngaards
654d66d6a7 - log if a server is skipped because it is on the donotquery list, 
at verbosity 4, to enable diagnosis why no queries to 127.0.0.1.


git-svn-id: file:///svn/unbound/trunk@2174 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-05 07:45:20 +00:00
Wouter Wijngaards
14f178e486 Fix for lame reply corner case. 
git-svn-id: file:///svn/unbound/trunk@2168 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-25 08:32:51 +00:00
Wouter Wijngaards
6325974a0b root hints from ftp.internic.net. 
git-svn-id: file:///svn/unbound/trunk@2158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-18 07:18:22 +00:00
Wouter Wijngaards
d1a68958a9 - Add AAAA to root hints for I.ROOT-SERVERS.NET. 
git-svn-id: file:///svn/unbound/trunk@2157 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-17 19:17:09 +00:00
Wouter Wijngaards
cb3b649707 - Max referral count from 30 to 130, because 128 one character domains 
is valid DNS.


git-svn-id: file:///svn/unbound/trunk@2152 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-15 10:50:20 +00:00
Wouter Wijngaards
d7fec82eaa - Fix to use one pointer less for iterator query state store_parent_NS. 
git-svn-id: file:///svn/unbound/trunk@2150 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-15 09:47:11 +00:00
Wouter Wijngaards
b014aac438 fix 
git-svn-id: file:///svn/unbound/trunk@2146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-11 14:24:25 +00:00
Wouter Wijngaards
1f0f85b59a - When retry to parent the retrycount is not wiped, so failed 
nameservers are not tried again.
       - iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2145 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-11 14:09:56 +00:00
Wouter Wijngaards
b9603c178a - Fix bug where a long loop could be entered, now cycle detection 
has a loop-counter and maximum search amount.


git-svn-id: file:///svn/unbound/trunk@2144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-10 14:10:17 +00:00
Wouter Wijngaards
1f9172697c more last resort lookup options. 
git-svn-id: file:///svn/unbound/trunk@2139 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-03 15:06:50 +00:00
Wouter Wijngaards
b65fa84ea5 review fixes. 
git-svn-id: file:///svn/unbound/trunk@2138 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-03 13:38:09 +00:00
Wouter Wijngaards
ba4ff40d9d - Fix storage of negative parent glue if that last resort fails. 
git-svn-id: file:///svn/unbound/trunk@2127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-01 09:33:25 +00:00
Wouter Wijngaards
1bd8583d3f Force off bit Z. 
git-svn-id: file:///svn/unbound/trunk@2126 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-01 06:48:15 +00:00
Wouter Wijngaards
d9e6fd3bac - fix parentside and querytargets modulestate, for dump_requestlist. 
git-svn-id: file:///svn/unbound/trunk@2123 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 14:01:32 +00:00
Wouter Wijngaards
153fd4a7f6 - parentside names are dispreferred but not said to be dnssec-lame. 
- parentside check for cached newname glue.


git-svn-id: file:///svn/unbound/trunk@2122 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 13:03:58 +00:00
Wouter Wijngaards
6ef058f9b0 - Fix AD flag handling, it could in some cases mistakenly copy the AD 
flag from upstream servers.


git-svn-id: file:///svn/unbound/trunk@2120 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 07:36:01 +00:00
Wouter Wijngaards
6d77834955 parent-child misconfigured data lookup. 
git-svn-id: file:///svn/unbound/trunk@2119 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-28 14:15:29 +00:00
Wouter Wijngaards
4cc482e222 - Fix resolution for domains like safesvc.com.cn. If the iterator 
can not recurse further and it finds the delegation in a state
         where it would otherwise have rejected it outhand if so received
         from a cache lookup, then it can try to ask higherup (with loop
         protection).
       - Fix comments in iter_utils:dp_is_useless.


git-svn-id: file:///svn/unbound/trunk@2114 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-19 12:59:27 +00:00
Wouter Wijngaards
807a1c5b74 - Fix resolution for domains like safesvc.com.cn. If the iterator 
can not recurse further and it finds the delegation in a state
         where it would otherwise have rejected it outhand if so received
         from a cache lookup, then it can try to ask higherup (with loop
         protection).


git-svn-id: file:///svn/unbound/trunk@2113 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-19 12:55:49 +00:00
Wouter Wijngaards
b4b641807b Fix various compiler warnings from the clang llvm compiler. 
git-svn-id: file:///svn/unbound/trunk@2111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-18 12:37:04 +00:00
Wouter Wijngaards
7276cf7dd0 - Fix dnssec-missing detection that was turned off by server selection. 
git-svn-id: file:///svn/unbound/trunk@2107 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-04 08:39:04 +00:00
Wouter Wijngaards
5c4fbf10b1 fix for key cache lookup 
git-svn-id: file:///svn/unbound/trunk@2105 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-29 12:52:44 +00:00
Wouter Wijngaards
cccba6e2c7 dnssec lameness detection looks in key cache if dnssec is expected. 
git-svn-id: file:///svn/unbound/trunk@2104 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-29 12:36:12 +00:00
Wouter Wijngaards
a29b2ad908 Fix harden-referral-path so it does not generate lookup failures. 
git-svn-id: file:///svn/unbound/trunk@2101 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-27 14:15:19 +00:00
Wouter Wijngaards
339d94b643 - fix retry sequence if prime hints are recursion-lame. 
git-svn-id: file:///svn/unbound/trunk@2099 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-27 11:10:35 +00:00
Wouter Wijngaards
3a754ae461 Fix bug#307: 0x20 fallback outstanding query count, together with rec_lame, 
and canonical rrset comparison.


git-svn-id: file:///svn/unbound/trunk@2097 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-26 14:59:44 +00:00
Wouter Wijngaards
f12b7a8dd9 - More strict scrubber (Thanks to George Barwood for the idea): 
NS set must be pertinent to the query (qname subdomain nsname).


git-svn-id: file:///svn/unbound/trunk@2096 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-26 13:40:37 +00:00
Wouter Wijngaards
35f3d4ecb1 - Fix to fetch data as last resort more tenaciously. When cycle 
targets cause the server selection to believe there are more options
	  when they really are not there, the server selection is reinitiated.
	- Fix fetch from blacklisted dnssec lame servers as last resort.  The
	  servers IP address is then given in validator errors as well.



git-svn-id: file:///svn/unbound/trunk@2089 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-23 09:07:05 +00:00
Wouter Wijngaards
18a7df3d5c - Fix EDNS probe for .de DNSSEC testbed failure, where the infra 
cache timeout coincided with a server update, the current EDNS 
  backoff is less sensitive, and does not cache the backoff unless 
  the backoff actually works and the domain is not expecting DNSSEC.


git-svn-id: file:///svn/unbound/trunk@2063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-06 08:35:37 +00:00
Wouter Wijngaards
75565262f7 Fixed random numbers for port, interface and server selection. 
Removed very small bias.
Also some lint fixes.



git-svn-id: file:///svn/unbound/trunk@2049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-18 14:42:22 +00:00
Wouter Wijngaards
147d47eee7 Move includes to code files. 
git-svn-id: file:///svn/unbound/trunk@2035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-12 15:17:48 +00:00
Wouter Wijngaards
867dfc0563 remove unnecessary if statement 
git-svn-id: file:///svn/unbound/trunk@2009 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-04 15:24:34 +00:00
Wouter Wijngaards
38fe29b9fd Nicer debug output. 
git-svn-id: file:///svn/unbound/trunk@1999 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-01 13:00:00 +00:00
Wouter Wijngaards
5dcbb54e63 - Fix scrubber bug that potentially let NS records through. Reported 
by Amanda Constant.
        - Also delete potential poison references from additional.
        - Fix: no classification of a forwarder as lame, throwaway instead.


git-svn-id: file:///svn/unbound/trunk@1993 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-24 13:27:47 +00:00
Wouter Wijngaards
eeefe9ac45 Stops blacklisting because of strange firewalls. 
git-svn-id: file:///svn/unbound/trunk@1987 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-18 11:21:11 +00:00
Wouter Wijngaards
38c6664caf A little more strict DS scrubbing. 
git-svn-id: file:///svn/unbound/trunk@1986 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-18 09:47:08 +00:00
Wouter Wijngaards
36ccd87840 Scrub DNSKEY, DLV and DS much more stringently. 
git-svn-id: file:///svn/unbound/trunk@1985 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-17 16:50:04 +00:00
Wouter Wijngaards
2bd83fd0cf fixup lookup trouble for parent-child domains on the first query. 
git-svn-id: file:///svn/unbound/trunk@1960 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-20 13:11:11 +00:00
Wouter Wijngaards
bcd1ac7599 prefetch-key feature. 
git-svn-id: file:///svn/unbound/trunk@1956 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-13 13:33:18 +00:00
Wouter Wijngaards
5b0fd59e76 work on prefetch: store the updated results in the cache. 
git-svn-id: file:///svn/unbound/trunk@1954 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-08 15:59:36 +00:00
Wouter Wijngaards
9a9df2478d Fix parent child disagreement handling and no-ipv6 present. 
git-svn-id: file:///svn/unbound/trunk@1953 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-08 12:47:27 +00:00
Wouter Wijngaards
43d228c5bc Doc fix and work on prefetch feature. 
git-svn-id: file:///svn/unbound/trunk@1951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-07 14:38:18 +00:00
Wouter Wijngaards
8e447003fd more verbose output to describe lame addresses. 
git-svn-id: file:///svn/unbound/trunk@1949 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-06 13:15:21 +00:00
Wouter Wijngaards
7094eab574 fixes and new ldns tarball. 
git-svn-id: file:///svn/unbound/trunk@1939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-15 09:31:39 +00:00
Wouter Wijngaards
ab9bd76768 Answer qclass=ANY. 
git-svn-id: file:///svn/unbound/trunk@1938 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-15 09:10:04 +00:00
Wouter Wijngaards
d3dc108dd9 Readup fixes. 
git-svn-id: file:///svn/unbound/trunk@1935 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-10 15:41:52 +00:00
Wouter Wijngaards
c68aebb3d7 - Fix SOA excluded from negative DS responses. Reported by Hauke 
Lampe.  The negative cache did not include proper SOA records for
	  negative qtype DS responses which makes BIND barf on it, such
	  responses are now only used internally.
	- Fix negative cache lookup of closestencloser check of DS type bit.



git-svn-id: file:///svn/unbound/trunk@1932 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-09 14:55:19 +00:00
Wouter Wijngaards
59c529bada Fix lookup of domains with parent-child zonecut data differences. 
git-svn-id: file:///svn/unbound/trunk@1929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-08 13:37:59 +00:00
Wouter Wijngaards
5bc9a80e40 review fixes. 
git-svn-id: file:///svn/unbound/trunk@1897 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-10 16:02:05 +00:00
Wouter Wijngaards
5d2e8e8e97 Retry mode, DS and prime. 
git-svn-id: file:///svn/unbound/trunk@1860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 07:52:02 +00:00
Wouter Wijngaards
455c3d130d Data retry on validation failure. 
git-svn-id: file:///svn/unbound/trunk@1859 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-06 08:31:47 +00:00
Wouter Wijngaards
ee1c4c1cce Failure handling for 5011. 
git-svn-id: file:///svn/unbound/trunk@1848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-23 09:05:44 +00:00
Wouter Wijngaards
1f7304d146 revocation of trust anchors works. 
git-svn-id: file:///svn/unbound/trunk@1846 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-22 14:04:43 +00:00
Wouter Wijngaards
c4cfcdab6b Fix problem with delegation where glue has expired. 
git-svn-id: file:///svn/unbound/trunk@1837 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-17 14:36:06 +00:00
Wouter Wijngaards
165a235f4d debug prints for high verbosity 
git-svn-id: file:///svn/unbound/trunk@1830 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-15 14:03:44 +00:00
Wouter Wijngaards
c42056b9aa Blacklist when 16 queries fail in a row. 
git-svn-id: file:///svn/unbound/trunk@1764 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-17 12:43:23 +00:00
Wouter Wijngaards
21e791248f autotrust work 
git-svn-id: file:///svn/unbound/trunk@1760 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-13 15:32:04 +00:00
Wouter Wijngaards
dcea0777bf Fixup for root prime requests sent when not needed. 
git-svn-id: file:///svn/unbound/trunk@1736 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-07-23 13:21:42 +00:00
Wouter Wijngaards
894ba681f0 Fixup lameness handling in server selection. 
git-svn-id: file:///svn/unbound/trunk@1735 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-07-21 13:52:39 +00:00
Wouter Wijngaards
8b2f5dcaf0 Fixup strict aliasing safer. 
git-svn-id: file:///svn/unbound/trunk@1680 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-22 07:56:19 +00:00
Wouter Wijngaards
368dc659ea Handle referral path check cases where NS is in the answer section. 
git-svn-id: file:///svn/unbound/trunk@1678 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-19 08:55:12 +00:00
Wouter Wijngaards
ef564b5a29 Fixup strict aliasing warning on Fedora 11. 
git-svn-id: file:///svn/unbound/trunk@1674 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-19 07:09:12 +00:00
Wouter Wijngaards
a40ec4b935 Fix max depth check. 
git-svn-id: file:///svn/unbound/trunk@1660 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-16 09:06:52 +00:00
Wouter Wijngaards
07411c16a9 Fixup stub below a forward, the stub is still honored and not trumped by the 
forward zone.


git-svn-id: file:///svn/unbound/trunk@1653 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-12 09:01:42 +00:00
Wouter Wijngaards
1b8519e619 Fixup stub chain of trust from public to private servers. 
git-svn-id: file:///svn/unbound/trunk@1648 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-11 14:02:37 +00:00
Wouter Wijngaards
add0079981 And review fixup recommit. 
git-svn-id: file:///svn/unbound/trunk@1647 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-11 10:52:28 +00:00
Wouter Wijngaards
8c36960c29 lint, aliasing. 
git-svn-id: file:///svn/unbound/trunk@1643 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-08 14:51:00 +00:00
Wouter Wijngaards
b2ff49e4c4 review comments Matthijs. 
git-svn-id: file:///svn/unbound/trunk@1637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-03 08:06:42 +00:00
Wouter Wijngaards
5e2189bb35 Fixup crash if root prime has a timeout and parent qstate has been deleted. 
git-svn-id: file:///svn/unbound/trunk@1626 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-05-27 12:10:07 +00:00
Wouter Wijngaards
7758098250 change in debug statements. 
git-svn-id: file:///svn/unbound/trunk@1625 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-05-27 11:27:41 +00:00
Wouter Wijngaards
daf63c7e89 Fixup assertion that no longer holds (since the new DoS prevention code jostles out old queries). 
git-svn-id: file:///svn/unbound/trunk@1623 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-05-26 14:42:14 +00:00
Wouter Wijngaards
21389820a7 Optimisation. 
git-svn-id: file:///svn/unbound/trunk@1617 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-27 12:40:22 +00:00
Wouter Wijngaards
5445bf72ba - Fixed a bug that caused messages to be stored in the cache too 
long.  Hard to trigger, but NXDOMAINs for nameservers or CNAME
	  targets have been more vulnerable to the TTL miscalculation bug. 


git-svn-id: file:///svn/unbound/trunk@1582 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-03 13:49:40 +00:00
Wouter Wijngaards
bcd6fee1f4 test and nicer error handling on target query failure. 
git-svn-id: file:///svn/unbound/trunk@1530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-17 14:45:31 +00:00
Wouter Wijngaards
cf068986ff more cycle checks. 
fix for reentrant problem.


git-svn-id: file:///svn/unbound/trunk@1485 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-18 13:23:17 +00:00
Wouter Wijngaards
a2dcd9c019 forward command for unbound-control. 
git-svn-id: file:///svn/unbound/trunk@1482 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-13 15:26:37 +00:00
Wouter Wijngaards
dfef08c21f show fwders in use. 
git-svn-id: file:///svn/unbound/trunk@1481 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-12 16:11:53 +00:00
Wouter Wijngaards
7ac31bc1d5 - unbound-host -4 and -6 options. Stops annoying ipv6 errors when 
debugging with unbound -4 -d ... 
        - more cycle detection for NS-check, addr-check, root-prime and
          stub-prime queries in the iterator.  Avoids possible deadlock
          when priming fails.


git-svn-id: file:///svn/unbound/trunk@1444 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-16 10:38:19 +00:00
Wouter Wijngaards
37c3bef544 Squelch ipv6 network unreachable from verbosity default (1). 
git-svn-id: file:///svn/unbound/trunk@1443 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-16 09:48:40 +00:00
Wouter Wijngaards
0b04be414e sun cc warnings 
git-svn-id: file:///svn/unbound/trunk@1439 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-15 10:34:18 +00:00
Wouter Wijngaards
c90fd40a5e fixes for suncc warnings 
git-svn-id: file:///svn/unbound/trunk@1438 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-15 10:29:17 +00:00
Wouter Wijngaards
b33f5f66ec remove debug prints 
git-svn-id: file:///svn/unbound/trunk@1435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-14 14:41:41 +00:00
Wouter Wijngaards
a46c9197c4 EDNS fallback fixed for error cache. 
git-svn-id: file:///svn/unbound/trunk@1434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-14 09:56:41 +00:00
Wouter Wijngaards
bfc64ade3c please lint. 
git-svn-id: file:///svn/unbound/trunk@1433 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-14 09:47:00 +00:00
Wouter Wijngaards
900142fb79 - 1.2.1 feature: negative caching for failed queries. 
Queries that failed are cached for 5 seconds (NORR_TTL).
	  If the failure is local, like out of memory, it is not cached.
	- the TTL comparison for the cache used different comparisons,
	  causing many cache responses that used the iterator and validator
	  state machines unnecessarily.



git-svn-id: file:///svn/unbound/trunk@1432 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-14 09:38:15 +00:00
Wouter Wijngaards
5aa65f431b 1.2.1 feature: stop AAAA queries that are not needed. 
git-svn-id: file:///svn/unbound/trunk@1431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-13 15:57:42 +00:00
Wouter Wijngaards
a3ff369cfd Fixup for previous fixup. 
git-svn-id: file:///svn/unbound/trunk@1429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-13 12:53:18 +00:00
Wouter Wijngaards
c76429ab57 Fixup for qtype NS. 
git-svn-id: file:///svn/unbound/trunk@1428 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-13 12:45:02 +00:00
Wouter Wijngaards
0a9116f856 fix bug 
git-svn-id: file:///svn/unbound/trunk@1426 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-13 10:44:04 +00:00
Wouter Wijngaards
9f4a9249c6 lameness debugging. 
fix for lameness hashing.


git-svn-id: file:///svn/unbound/trunk@1425 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-12 09:22:39 +00:00
Wouter Wijngaards
33ae9fd843 - added L.ROOT-SERVERS.NET. AAAA 2001:500:3::42 to builtin root hints. 
- fixup so it works with libev-3.51 from http://dist.schmorp.de/libev/
- comm_timer_set performs base_set operation after event_add.



git-svn-id: file:///svn/unbound/trunk@1406 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-05 15:05:33 +00:00
Wouter Wijngaards
159c7e4d6c more verbose about server selection. 
git-svn-id: file:///svn/unbound/trunk@1400 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-12-18 11:27:57 +00:00
Wouter Wijngaards
386ff5debe Fixup when all servers for a zone are offline. 
git-svn-id: file:///svn/unbound/trunk@1378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-26 09:46:31 +00:00
Wouter Wijngaards
75cf6d0f86 better comment svn:NO TEST 
git-svn-id: file:///svn/unbound/trunk@1354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-17 14:19:05 +00:00
Wouter Wijngaards
c653b8424b Fixup for problems with do-ip6: no and only ipv6 addresses. 
git-svn-id: file:///svn/unbound/trunk@1353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-17 12:47:34 +00:00
Wouter Wijngaards
c6541a2def iana portlist updated. 
doxygen comments better.



git-svn-id: file:///svn/unbound/trunk@1335 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-06 11:12:25 +00:00
Wouter Wijngaards
3708097870 Fixup decompression for private-name checks. 
git-svn-id: file:///svn/unbound/trunk@1334 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-06 10:59:31 +00:00
Wouter Wijngaards
83a017d3d1 stub-prime option. 
git-svn-id: file:///svn/unbound/trunk@1319 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-22 12:01:40 +00:00
Wouter Wijngaards
00f301d35f Ask more nameservers if choice is limited. 
Lowered bogus-ttl to help validation-failure recovery times.



git-svn-id: file:///svn/unbound/trunk@1313 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-20 14:24:35 +00:00
Wouter Wijngaards
f4ad52dffd Do not query bogus name servers. 
git-svn-id: file:///svn/unbound/trunk@1312 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-20 13:51:47 +00:00
Wouter Wijngaards
a0d9d48d8f root prime validation 
git-svn-id: file:///svn/unbound/trunk@1309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-17 15:07:28 +00:00
Wouter Wijngaards
bf659c8362 Referral path checking, for spoof mitigation, improved. 
git-svn-id: file:///svn/unbound/trunk@1305 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-15 13:32:49 +00:00
Wouter Wijngaards
dbaa5194a6 Recursion lame is detected and last resort is used to resolve. 
git-svn-id: file:///svn/unbound/trunk@1294 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-13 09:11:42 +00:00
Wouter Wijngaards
b6696c1342 nsec3 negative cache works. 
git-svn-id: file:///svn/unbound/trunk@1292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-09 15:06:35 +00:00
Wouter Wijngaards
c73c662fce work on nsec3 negative cache for qtype DS . 
git-svn-id: file:///svn/unbound/trunk@1290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-08 14:42:46 +00:00
Wouter Wijngaards
45afaf3e08 nsec negative DS. 
git-svn-id: file:///svn/unbound/trunk@1289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-08 10:04:27 +00:00
Wouter Wijngaards
939fabd809 0x20 fallback code. 
git-svn-id: file:///svn/unbound/trunk@1285 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-06 14:46:22 +00:00
Wouter Wijngaards
3385bcc255 Stub on same host works 
git-svn-id: file:///svn/unbound/trunk@1276 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-30 13:40:44 +00:00
Wouter Wijngaards
cfceb6487d lookup delegation from cache and printout. 
git-svn-id: file:///svn/unbound/trunk@1266 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-23 10:55:36 +00:00
Wouter Wijngaards
121cb15d67 remote control setup, port binding and service. 
git-svn-id: file:///svn/unbound/trunk@1227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-10 15:23:01 +00:00
Wouter Wijngaards
26429c9457 refactored code. 
git-svn-id: file:///svn/unbound/trunk@1225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-04 14:29:05 +00:00
Wouter Wijngaards
72904a3366 private-addresses. 
git-svn-id: file:///svn/unbound/trunk@1224 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-04 12:25:15 +00:00
Wouter Wijngaards
ff1a7ec42e private address and private domain config option read and store. 
git-svn-id: file:///svn/unbound/trunk@1223 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-03 14:40:09 +00:00
Wouter Wijngaards
a66e16cb31 new NS queries is not an option (off by default). 
git-svn-id: file:///svn/unbound/trunk@1219 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-29 14:46:08 +00:00
Wouter Wijngaards
82ce090a35 Remove overreaching NSEC rrsets. 
git-svn-id: file:///svn/unbound/trunk@1207 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-26 10:32:46 +00:00
Wouter Wijngaards
1e4e8cb68a - Fixup rrset security updates overwriting 2181 trust status. 
This makes validated to be insecure data just as worthless as
	  nonvalidated data, and 2181 rules prevent cache overwrites to them.
	- Fix assertion fail on bogus key handling.
	- dnssec lameness detection works on first query at trust apex.
	- NS queries get proper cache and dnssec lameness treatment.
	- fixup compilation without pthreads on linux.
	- NS queries are done after every referral.
	  validator is used on those NS records (if anchors enabled).




git-svn-id: file:///svn/unbound/trunk@1185 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-12 10:13:57 +00:00
Wouter Wijngaards
4fe0d98ff4 Same scrubber patch to trunk. 
git-svn-id: file:///svn/unbound/trunk@1181 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-07 07:31:05 +00:00
Matthijs Mekking
14f657933c free prev and origin after failing reading root hints. 
note:
valgrind still complains about the following:

==19935==    by 0x40581E1: ldns_key_buf2rsa_raw (dnssec.c:421)
==19935==    by 0x40B1151: dnskey_verify_rrset_sig (val_sigcrypt.c:1265)




git-svn-id: file:///svn/unbound/trunk@1144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-07-03 14:01:15 +00:00
Wouter Wijngaards
5eb7ff35ca fixup for newegg lameness. 
git-svn-id: file:///svn/unbound/trunk@1137 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-06-25 09:39:57 +00:00
Wouter Wijngaards
8527bd4aff Fixup Richard Doty reported lameness detection fault. 
git-svn-id: file:///svn/unbound/trunk@1111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-06-09 08:29:59 +00:00
Wouter Wijngaards
283f2a5edb if multiple CNAME's, use the first. 
git-svn-id: file:///svn/unbound/trunk@1109 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-06-08 09:27:48 +00:00
Wouter Wijngaards
aab6da9362 IPv6 servers 
TODO items


git-svn-id: file:///svn/unbound/trunk@1078 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-05-13 12:33:41 +00:00
Wouter Wijngaards
30a1d557bd porting. 
git-svn-id: file:///svn/unbound/trunk@1056 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-16 16:09:25 +00:00
Wouter Wijngaards
64627b1a63 RTT banding, more spoof resistance randomness. 
git-svn-id: file:///svn/unbound/trunk@1019 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-03-25 15:33:24 +00:00
Wouter Wijngaards
87700fea40 Enforce presence of query section in reply. 
git-svn-id: file:///svn/unbound/trunk@1018 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-03-25 14:03:31 +00:00
Wouter Wijngaards
677d67c29c Patch from Koji, thanks! 
git-svn-id: file:///svn/unbound/trunk@1015 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-03-05 14:54:51 +00:00
Wouter Wijngaards
39b2a21a81 Answers use same case as query does. 
git-svn-id: file:///svn/unbound/trunk@993 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-26 20:45:20 +00:00
Wouter Wijngaards
f3cfe6ed9c - setup speec_cache for need-ldns-testns in dotests. 
- check number of queued replies on incoming queries to avoid overload
         on that account.
       - fptr whitelist checks are not disabled in optimize mode.



git-svn-id: file:///svn/unbound/trunk@971 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-20 07:18:42 +00:00