upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
7906 commits 23 branches 209 tags 123 MiB
Commit graph

4812 commits

Author SHA1 Message Date
W.C.A. Wijngaards
5c84bb573f Changelog nore for #1238 and add --help description. 
- Merge #1238: Prefer SOURCE_DATE_EPOCH over actual time.
  Add --help output description for the SOURCE_DATE_EPOCH variable.
 2025-02-28 09:32:49 +01:00
W.C.A. Wijngaards
a3d750b7d8 Changelog note for #1243 
- Merge #1243: Do not shadow tm on line 236.
 2025-02-25 09:37:36 +01:00
Yorgos Thessalonikefs
c5c5486261 - Fix hash calculation for cachedb to ignore case. Previously, cached 
records there were only relevant for same case queries (if not
  already in Unbound's internal cache).
 2025-02-24 14:47:13 +01:00
Yorgos Thessalonikefs
1894c0a150 Changelog entry for #1241: 
- Merge #1241: Fix infra-keep-probing for low infra-cache-max-rtt
  values.
 2025-02-19 13:46:01 +01:00
Yorgos Thessalonikefs
5e1f35b59b - Fix static analysis report about unhandled EOF on error conditions 
when reading anchor key files.
 2025-02-19 11:24:49 +01:00
Yorgos Thessalonikefs
72828ff81c - Consider reconfigurations when calculating the still_useful_timeout 
for servers in the infrastructure cache.
 2025-02-17 15:21:18 +01:00
W.C.A. Wijngaards
01cea4d5be - Fix #986: Resolving sas.com with dnssec-validation fails though 
signed delegations seem to be (mostly) correct.
 2025-01-30 16:26:31 +01:00
Yorgos Thessalonikefs
35dbbcb2f5 - Make the default value of module-config "validator iterator" 
regardless of compilation options. --enable-subnet would implicitly
  change the value to enable the subnetcache module by default in the
  past.
 2025-01-29 12:08:28 +01:00
Yorgos Thessalonikefs
911509fd59 Changelog entry for #1220: 
- Merge #1220 from Petr Menšík, Add unbound members group access to
  control key.
 2025-01-24 16:56:09 +01:00
Yorgos Thessalonikefs
cc55beefc8 Changelog entry for #1224: 
- Merge #1224 from Theo Buehler: Do not use DSA API unless USE_DSA is
  set.
 2025-01-21 17:35:00 +01:00
W.C.A. Wijngaards
d9b863ed76 Changelog note for #1229 
- Merge #1229: check before use daemon->shm_info.
 2025-01-21 15:48:46 +01:00
Yorgos Thessalonikefs
f822042cd0 - Do not open unencrypted channels next to encrypted ones on the same 
port.
 2025-01-21 15:26:40 +01:00
W.C.A. Wijngaards
5f58ced71e - Fix to check length in ATMA string to wire. 2025-01-21 12:30:30 +01:00
W.C.A. Wijngaards
207ae97ff9 - Fix encoding of RR type ATMA. 2025-01-21 12:27:15 +01:00
W.C.A. Wijngaards
9a0de14aa1 - Fix compile of interface check code when dnscrypt or quic is 
disabled.
 2025-01-21 10:13:48 +01:00
Yorgos Thessalonikefs
048c193243 - Use the same interface listening port discovery code for all needed 
protocols.
- Port to string only when needed before getaddrinfo().
 2025-01-21 10:04:30 +01:00
Yorgos Thessalonikefs
d62fff2c7c - Create the quic SSL listening context only when needed. 2025-01-20 15:49:37 +01:00
Yorgos Thessalonikefs
3f839cebc3 Changelog entry for #1222: 
- Merge #1222: Unique DoT and DoH SSL contexts to allow for different
  ALPN.
 2025-01-20 15:45:11 +01:00
Yorgos Thessalonikefs
1d428f2d54 Changelog entry for #1221: 
- Merge #1221: Consider auth zones when checking for forwarders.
 2025-01-17 10:19:26 +01:00
Yorgos Thessalonikefs
f52b2a6ea2 - Add resolver.arpa and service.arpa to the default locally served 
zones.
 2025-01-14 17:18:32 +01:00
Yorgos Thessalonikefs
62a0e03801 - Fix #1213: Misleading error message on default access control causing 
refuse.
 2025-01-13 11:33:24 +01:00
Yorgos Thessalonikefs
716f3df385 Changelog entry for #1214: 
- Merge #1214: Use TCP_NODELAY on TLS sockets to speed up the TLS
  handshake.
 2025-01-10 13:54:49 +01:00
Yorgos Thessalonikefs
eb36c880de Changelog entry for #1174: 
- Merge #1174: Serve expired cache update fixes. Fixes a regression bug
  with serve-expired that appeared in 1.22.0 and would not allow the
  iterator to update the cache with not-yet-validated entries resulting
  in increased outgoing traffic.
 2024-12-31 16:30:35 +01:00
Yorgos Thessalonikefs
e57e537c85 - For #1207: [FR] Support for RESINFO RRType 261 (RFC9606), add 
LDNS_RR_TYPE_RESINFO similar to LDNS_RR_TYPE_TXT.
 2024-12-20 15:04:34 +01:00
Yorgos Thessalonikefs
71d821fde9 Changelog entry for #1204: 
- Merge #1204: ci: set persist-credentials: false for actions/checkout
  per zizmor suggestion.
 2024-12-13 13:43:29 +01:00
Yorgos Thessalonikefs
ded4c82ced - Fix typo in log_servfail.tdir test. 2024-12-03 16:03:05 +01:00
Yorgos Thessalonikefs
e82a691efe Changelog entry for #1187: 
- Merge #1187: Create the SSL_CTX for QUIC before chroot and privilege
  drop.
 2024-12-03 14:21:34 +01:00
Yorgos Thessalonikefs
b4a9c8bb05 - Safeguard alias loop while looking in the cache for expired answers. 2024-12-03 14:10:17 +01:00
Yorgos Thessalonikefs
be92752368 - Merge #1198: Fix log-servfail with serve expired and no useful cache 
contents.
 2024-12-03 14:05:12 +01:00
Yorgos Thessalonikefs
9de159b96b - For #1175, the default value of serve-expired-ttl is set to 86400 
(1 day) as suggested by RFC8767.
 2024-12-03 13:09:51 +01:00
Yorgos Thessalonikefs
bd2e66de1e Changelog entry for #1189, #1197: 
- Merge #1189: Fix the dname_str method to cause conversion errors
  when the domain name length is 255.
- Merge #1197: dname_str() fixes.
 2024-12-03 11:58:06 +01:00
Yorgos Thessalonikefs
9e3c50ec9e - For #1175, update serve-expired tests. 2024-11-22 16:14:02 +01:00
Yorgos Thessalonikefs
eefdbb341f - Fix #1175: serve-expired does not adhere to secure-by-default 
principle. The default value of serve-expired-client-timeout
  is set to 1800 as suggested by RFC8767.
 2024-11-22 15:32:34 +01:00
Yorgos Thessalonikefs
e75da7d954 - Fix comparison to help static analyzer. 2024-11-20 10:53:45 +01:00
Yorgos Thessalonikefs
9a3a1bc221 Changelog entry for #1169: 
- Merge #1169 from Sergey Kacheev, fix: lock-free counters for
  auth_zone up/down queries.
 2024-11-19 17:01:34 +01:00
W.C.A. Wijngaards
4cf7fae50c - Fix for #1183: release nsec3 hashes per test file. 2024-11-15 10:47:27 +01:00
W.C.A. Wijngaards
a2ac980737 - Fix #1183: the data being used is released in method 
nsec3_hash_test_entry.
 2024-11-15 10:37:35 +01:00
Yorgos Thessalonikefs
733d5f7161 - Complete fix for max-global-quota to 200. 2024-11-08 17:34:28 +01:00
Yorgos Thessalonikefs
fe288a9b06 - More descriptive text for 'harden-algo-downgrade'. 2024-11-08 13:56:04 +01:00
Yorgos Thessalonikefs
fd1a1d5fa0 - Increase the default of max-global-quota to 200 from 128 after 
operational feedback. Still keeping the possible amplification
  factor (CAMP related issues) in the hundreds.
 2024-11-06 16:28:37 +01:00
Yorgos Thessalonikefs
3c4b87636a Changelog entry for: 
- Fix SETEX check during Redis (re)initialization.
 2024-11-05 12:20:25 +01:00
W.C.A. Wijngaards
60fd77b8f9 - Fix to log redis timeout error string on failure. 2024-11-05 11:41:41 +01:00
W.C.A. Wijngaards
d5e91d181b - Fix for the serve expired DNSSEC information fix, it would not allow 
current delegation information be updated in cache. The fix allows
  current delegation and validation recursion information to be
  updated, but as a consequence no longer has certain expired
  information around for later dnssec valid expired responses.
 2024-11-05 10:39:27 +01:00
W.C.A. Wijngaards
7985d17b57 Changelog note for #1167 
- Merge #1167: Makefile.in: fix occasional parallel build failures
  around bison rule.
 2024-11-04 13:26:27 +01:00
W.C.A. Wijngaards
533c3b0514 - Fix redis that during a reload it does not fail if the redis 
server does not connect or does not respond. It still logs the
  errors and if the server is up checks expiration features.
 2024-11-04 10:14:26 +01:00
Yorgos Thessalonikefs
11b8157a98 Changelog entry for #1157: 
- Merge #1157 from Liang Zhu, Fix heap corruption when calling
  ub_ctx_delete in Windows.
 2024-11-01 16:27:06 +01:00
Yorgos Thessalonikefs
d34fb3ed77 Changelog entry for #1170: 
- Merge #1170 from Melroy van den Berg, Fix chroot manpage
  description.
 2024-11-01 16:12:07 +01:00
Yorgos Thessalonikefs
8a6a4bd7f3 - Add test case for #1159. 
- Some clean up for stat_values.test.
 2024-11-01 15:57:52 +01:00
Yorgos Thessalonikefs
d23523e528 - Merge #1159: Stats for discard-timeout and wait-limit. 2024-11-01 15:54:24 +01:00
Yorgos Thessalonikefs
f5580f0a63 - Fix #1163: Typos in unbound.conf documentation. 2024-10-25 21:25:16 +02:00