upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-09 00:02:55 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
7013 commits 23 branches 209 tags 126 MiB
Commit graph

7013 commits

This branch
This branch
All branches
Author SHA1 Message Date
TCY16
6e31d1f5be add dohpath parsing 2022-08-15 14:36:35 +02:00
TCY16
14fe4669e7 fix testcase comment 2022-08-12 14:09:00 +02:00
W.C.A. Wijngaards
dc6c04b243 - Fix to log accept error ENFILE and EMFILE errno, but slowly, once 
per 10 seconds. Also log accept failures when no slow down is used.
 2022-08-12 09:54:29 +02:00
W.C.A. Wijngaards
ef57f8bd51 - Fix #734 [FR] enable unbound-checkconf to detect more (basic) 
errors.
 2022-08-05 14:41:05 +02:00
W.C.A. Wijngaards
fbe8e3b0b2 - Fix ratelimit inconsistency, for ip-ratelimits the value is the 
amount allowed, like for ratelimits.
 2022-08-04 11:33:37 +02:00
W.C.A. Wijngaards
1c164ab442 Changelog note for #730 
- Merge #730 from luisdallos: Fix startup failure on Windows 8.1 due
  to unsupported IPV6_USER_MTU socket option being set.
 2022-08-02 16:12:31 +02:00
Wouter Wijngaards
e738ec31ca
Merge pull request #730 from luisdallos/win81-unsup-sockopt-fix 
Fix startup failure on Windows 8.1 due to unsupported IPV6_USER_MTU socket option being set
 2022-08-02 16:12:16 +02:00
W.C.A. Wijngaards
07b073ddb3 - Fix unittest for edns subnet change. 2022-08-02 14:43:57 +02:00
W.C.A. Wijngaards
0f08cc6d55 - Fix edns subnet so that scope 0 answers only match sourcemask 0 
queries for answers from cache if from a query with sourcemask 0.
 2022-08-02 14:13:55 +02:00
Luis Dallos
7d3c6f1c43 Fix startup failure on Windows 8.1 due to unsupported IPV6_USER_MTU socket option being set 
Newer mingw-w64 (starting from 8.0.1) introduces support for `IPV6_USER_MTU` socket
option [1], which is not supported on Windows 8.1 and older [2]. As there is no way
to avoid this socket option from being picked at compile time when targeting older
versions of Windows, check for `setsockopt(..., IPV6_USER_MTU, ...)` failures at
runtime in order to avoid startup failure on those versions of Windows where the
`IPV6_USER_MTU` socket option is unsupported.

[1]: mirror/mingw-w64@e30bff4
[2]: `WSAGetLastError()` returns `WSAENOPROTOOPT` (`Bad protocol option`) error code
 2022-08-01 23:03:24 -04:00
W.C.A. Wijngaards
cd22fdc28d - Fix #728: alloc_reg_obtain() core dump. Stop double 
alloc_reg_release when serviced_create fails.
 2022-08-01 16:45:41 +02:00
W.C.A. Wijngaards
5ae48f85c0 - The code repo continues with 1.16.3. 2022-08-01 15:17:10 +02:00
W.C.A. Wijngaards
cbed768b8f - Tests for ghost domain fixes. 2022-08-01 13:26:22 +02:00
W.C.A. Wijngaards
f6753a0f10 - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699. 2022-08-01 13:24:40 +02:00
George Thessalonikefs
efdd70c7b5 - Cleanup some comments and TODO text. 2022-07-23 19:55:15 +02:00
W.C.A. Wijngaards
f993ffbb07 Changelog note for #718 
- Merge #718: Introduce infra-cache-max-rtt option to config max
  retransmit timeout.
 2022-07-19 15:19:12 +02:00
Wouter Wijngaards
ef9bb0213b
Merge pull request #718 from hunts/make_rtt_max_timeout_configurable 
Introduce infra-cache-max-rtt option to config max retransmit timeout
 2022-07-19 15:15:34 +02:00
George Thessalonikefs
309e23515e - Update documentation for 'outbound-msg-retry:'. 2022-07-19 12:47:01 +02:00
Minghang Chen
249efd4285 Introduce infra-cache-max-rtt option to config max retransmit timeout 
Added the option and let it default to 120 seconds so that it won't change
current behavior.

Related-to #717
 2022-07-16 01:46:18 -07:00
W.C.A. Wijngaards
12cd495d55 - iana portlist update. 2022-07-15 09:20:25 +02:00
W.C.A. Wijngaards
33bd49af81 - Merge PR 714: Avoid treat normal hosts as unresponsive servers. 
And fixup the lock code.
 2022-07-15 08:51:31 +02:00
Wouter Wijngaards
6e50c46102
Merge pull request #714 from hunts/rtt-of-expired-host 
Avoid treat normal hosts as unresponsive servers
 2022-07-15 08:49:51 +02:00
Hunts Chen
88bf803297 Avoid treat normal hosts as unresponsive servers 
This is a fix for issue #713

When infra-keep-probing is on, all hosts with expired entries were treated as
unresponsive servers and thus causing problems (see #713).

This commit change that, so that normal hosts with expired entries are treated
as unknown servers.
 2022-07-14 10:16:13 -07:00
George Thessalonikefs
9e4a17baaf - For windows crosscompile, fix setting the IPV6_MTU socket option 
equivalent (IPV6_USER_MTU); allows cross compiling with latest
  cross-compiler versions.
 2022-07-12 17:17:59 +02:00
W.C.A. Wijngaards
2abd6f7d58 - Fix dname count in sldns parse type descriptor for SVCB and HTTPS. 2022-07-12 13:29:51 +02:00
W.C.A. Wijngaards
7696398231 - Fix verbose EDE error printout. 2022-07-11 13:13:51 +02:00
Wouter Wijngaards
886ffcc155
Merge pull request #711 from NLnetLabs/add-security.md 
add SECURITY.md, based on krill
 2022-07-11 11:37:28 +02:00
W.C.A. Wijngaards
a45ced7739 - This became 1.16.1 on 11 July 2022. 
The code repo continues with version 1.16.2 under development.
 2022-07-11 11:34:54 +02:00
maertsen
125983558b
add SECURITY.md, based on krill 2022-07-05 16:39:04 +02:00
W.C.A. Wijngaards
903538c76e - Tag for 1.16.1rc1 release. 2022-07-04 13:48:56 +02:00
George Thessalonikefs
d447d60fc6 Merge branch 'crrodriguez-IP_BIND_ADDRESS_NO_PORT' 2022-07-04 12:49:00 +02:00
George Thessalonikefs
e5f66b4902 - For #668: relocate and make code more portable. 2022-07-04 12:46:17 +02:00
George Thessalonikefs
0f4c4c1163 Merge branch 'IP_BIND_ADDRESS_NO_PORT' of https://github.com/crrodriguez/unbound into crrodriguez-IP_BIND_ADDRESS_NO_PORT 2022-07-04 11:15:58 +02:00
George Thessalonikefs
eda0c0c194 - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for 
one loop pass'.
 2022-07-04 09:34:45 +02:00
George Thessalonikefs
309b1d368b - Reintroduce documentation and more EDE support for 
val_sigcrypt.c::dnskeyset_verify_rrset_sig.
 2022-07-04 00:06:26 +02:00
George Thessalonikefs
c513119bba - Improve val_sigcrypt.c::algo_needs_missing for one loop pass. 2022-07-03 23:32:18 +02:00
George Thessalonikefs
a30286502c - Fix for correct openssl error when adding windows CA certificates to 
the openssl trust store.
 2022-07-03 22:41:39 +02:00
George Thessalonikefs
317bab9f1d For #660: formatting, less verbose logging, add EDE information. 2022-07-03 22:32:56 +02:00
George Thessalonikefs
2fba248ebe Changelog entry for #660 
- Merge PR #660 from Petr Menšík: Sha1 runtime insecure.
 2022-07-03 22:28:17 +02:00
Yorgos Thessalonikefs
e102aea751
Merge pull request #660 from InfrastructureServices/sha1-runtime-insecure 
Sha1 runtime insecure
 2022-07-03 22:24:58 +02:00
George Thessalonikefs
24cb764d61 - Add missing changelog entries from PR #706. 2022-07-03 22:21:56 +02:00
George Thessalonikefs
cb28bdcdb0 Changelog entry for #671: 
- Merge PR #671 from Petr Menšík: Disable ED25519 and ED448 in FIPS
  mode on openssl3.
 2022-07-03 22:08:47 +02:00
George Thessalonikefs
bcf7a8aed2 Merge branch 'InfrastructureServices-fips-mode-algo-ed25519' 2022-07-03 21:59:20 +02:00
George Thessalonikefs
391dd86c3b Merge branch 'master' into InfrastructureServices-fips-mode-algo-ed25519 2022-07-01 17:34:09 +02:00
Yorgos Thessalonikefs
b0ce31b4e4
Merge pull request #706 from NLnetLabs/nxns-fallback 
NXNS fallback
 2022-07-01 16:24:33 +02:00
George Thessalonikefs
2dbaba7d73 - Improved logging for NXNS fallback. 2022-07-01 16:18:33 +02:00
George Thessalonikefs
923eb7d474 - Allow fallback to the parent side when MAX_TARGET_NX is reached. 
This will also allow MAX_TARGET_NX more NXDOMAINs.
 2022-06-29 17:32:29 +02:00
George Thessalonikefs
58b21e4fca - Fix to not count cached NXDOMAIN for MAX_TARGET_NX. 2022-06-29 17:26:09 +02:00
W.C.A. Wijngaards
ef718f02e4 Remove debug output from windows compile workflow. 2022-06-29 12:01:39 +02:00
W.C.A. Wijngaards
c8add463c4 - Fix compile warning for windows compile. 2022-06-29 12:00:44 +02:00