upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-26 01:29:58 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6863 commits 23 branches 209 tags 124 MiB
Commit graph

6863 commits

This branch
This branch
All branches
Author SHA1 Message Date
Oscar Mira
78aee89201 Replace OpenSSL's ERR_PACK with ERR_GET_REASON 2022-02-17 20:20:18 +01:00
W.C.A. Wijngaards
c29b0e0a96 - Fix for #611: Integer overflow in sldns_wire2str_pkt_scan. 2022-02-03 09:03:09 +01:00
W.C.A. Wijngaards
50a312b8da - Update contrib/aaaa-filter-iterator.patch with diff for current 
software version.
 2022-02-02 15:35:19 +01:00
W.C.A. Wijngaards
893fb4d54b - Fix docker splint test to use more portable uname. 2022-02-02 14:47:57 +01:00
W.C.A. Wijngaards
6bad577781 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-02-02 14:11:55 +01:00
W.C.A. Wijngaards
2642319ea6 - please clang analyzer for loop in test code. 2022-02-02 14:11:36 +01:00
George Thessalonikefs
d123e1c919 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-02-02 14:05:35 +01:00
George Thessalonikefs
c53171d942 - Changelog entry clarification. 2022-02-02 14:05:31 +01:00
W.C.A. Wijngaards
e656be63f9 - Fix header comment for doxygen for authextstrtoaddr. 2022-02-02 13:20:46 +01:00
W.C.A. Wijngaards
ee3c478239 - Update version number in repo to 1.15.0 for upcoming release, 
since it changes the aggressive-nsec default and the ratelimit change.
 2022-02-02 13:09:51 +01:00
George Thessalonikefs
b1feb9fb1e - Update stream_ssl.tdir test to also use the new forward-host notation. 2022-02-02 12:55:29 +01:00
George Thessalonikefs
819008cf7e - Merge PR #617: Update stub/forward-host notation to accept port and 
tls-auth-name.
 2022-02-02 11:57:36 +01:00
gthess
11f2e7e6ae
Merge pull request #617 from NLnetLabs/update-host-notation 
Update stub/forward-host notation to accept port and tls-auth-name
 2022-02-02 11:56:27 +01:00
gthess
414a37ed2b
Don't accidentaly introduce a troff macro 
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2022-02-02 11:53:38 +01:00
George Thessalonikefs
32c3bbd249 - Change aggressive-nsec default to yes. 2022-02-02 11:25:08 +01:00
George Thessalonikefs
c6b413069d Changelog entry for #616 
- Merge PR #616: Update ratelimit logic. It also introduces
  ratelimit-backoff and ip-ratelimit-backoff configuration options.
 2022-02-02 11:18:14 +01:00
gthess
358e3a5963
Merge pull request #616 from NLnetLabs/bugfix/ratelimit 
Update ratelimit logic
 2022-02-02 11:16:04 +01:00
George Thessalonikefs
25eae982de Merge branch 'Shchelk-bufferoverflow' 2022-02-02 10:50:54 +01:00
George Thessalonikefs
506d24c7a6 Changelog entry for #532 
- Merge PR #532 from Shchelk: Fix: buffer overflow bug.
 2022-02-02 10:48:56 +01:00
George Thessalonikefs
d81e1c999b Merge branch 'bufferoverflow' of https://github.com/Shchelk/unbound into Shchelk-bufferoverflow 2022-02-02 10:42:06 +01:00
George Thessalonikefs
a5e9221933 Changelog note for #603: 
- Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
  internals.
 2022-02-01 18:00:46 +01:00
gthess
1199482372
Merge pull request #603 from fobser/dsa_rsa_internals 
Use OpenSSL 1.1 API to access DSA and RSA internals
 2022-02-01 17:58:11 +01:00
gthess
b93aa79a05
Prefer the libressl API from when it was available 2022-02-01 17:54:42 +01:00
gthess
7ddd456f02
Fix typo from review 
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2022-02-01 17:38:16 +01:00
George Thessalonikefs
814a234876 - Update stub/forward-host notation to accept port and tls-auth-name. 
Fixes #546.
 2022-02-01 14:44:29 +01:00
George Thessalonikefs
10d9804149 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-01-31 11:28:30 +01:00
George Thessalonikefs
a60bbd12ed -Fix review comment for use-after-free when failing to send UDP out. 2022-01-31 11:27:35 +01:00
W.C.A. Wijngaards
84df46289d - iana portlist update. 2022-01-31 10:53:22 +01:00
George Thessalonikefs
52283194eb - Update unbound.conf manpage and example.conf file for ratelimit 
options.
 2022-01-30 01:04:15 +01:00
George Thessalonikefs
c8a6234aac - Add tests for ratelimit. 2022-01-30 00:51:39 +01:00
George Thessalonikefs
3086335724 - Introduce ratelimit-backoff and ip-ratelimit-backoff options for more 
aggressive rate limiting.
 2022-01-30 00:36:29 +01:00
George Thessalonikefs
f857af873e - Update ratelimit code for recent serviced_query changes and more 
accurate ratelimit calculation.
 2022-01-29 23:49:38 +01:00
George Thessalonikefs
888eb224a6 - Better cleanup on failed DoT/DoH listening socket creation. 2022-01-29 15:14:56 +01:00
George Thessalonikefs
c49e87e1b7 - Fix tls-* and ssl-* documented alternate syntax to also be available 
through remote-control and unbound-checkconf.
 2022-01-29 15:11:47 +01:00
W.C.A. Wijngaards
d10562c823 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-01-26 16:41:04 +01:00
W.C.A. Wijngaards
54ea2948da - Test for NSID in SERVFAIL response due to DNSSEC bogus. 2022-01-26 16:40:04 +01:00
George Thessalonikefs
ea47c08e70 - Fix #599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC 
document.
 2022-01-26 14:35:22 +01:00
George Thessalonikefs
79e755e1dd Changelog note for #612: 
- Merge PR #612: TCP race condition.
 2022-01-25 17:29:52 +01:00
gthess
ddc3c754b0
Merge pull request #612 from NLnetLabs/tcp-race-condition 
TCP race condition
 2022-01-25 17:26:30 +01:00
George Thessalonikefs
5c85615515 - Fix #588: Unbound 1.13.2 crashes due to p->pc is NULL in 
serviced_udp_callback.
 2022-01-25 17:15:37 +01:00
George Thessalonikefs
f0c6d26155 - Better bookkeeping when reclaiming the TCP buffer. 2022-01-25 10:32:37 +01:00
George Thessalonikefs
4573629fc4 - Mark waiting_tcp and serviced_query as being in the 
cb_and_decommission stage to signal later code about their state;
  prevents premature item deletion.
 2022-01-25 09:46:16 +01:00
W.C.A. Wijngaards
70f13e54bf Changelog note for #610 
- Fix #610: Undefine-shift in sldns_str2wire_hip_buf.
 2022-01-25 09:02:55 +01:00
W.C.A. Wijngaards
12a1053dfa - Fix #610: Undefine-shift in sldns_str2wire_hip_buf. 2022-01-25 08:57:49 +01:00
George Thessalonikefs
c3c0186658 - Add serviced_query timer to send upstream queries outside of the mesh 
flow to prevent race conditions.
 2022-01-25 00:01:43 +01:00
George Thessalonikefs
8e76eb95a0 - For dnstap, do not wakeupnow right there. Instead zero the timer to 
force the wakeup callback asap.
 2022-01-19 15:32:02 +01:00
W.C.A. Wijngaards
c7ae3ef156 - For #602: Allow the module-config "subnetcache validator cachedb 
iterator".
 2022-01-14 16:30:25 +01:00
W.C.A. Wijngaards
2996040c6c - Add rpz: for-downstream: yesno option, where the RPZ zone is 
authoritatively answered for, so the RPZ zone contents can be
  checked with DNS queries directed at the RPZ zone.
 2022-01-14 16:23:43 +01:00
George Thessalonikefs
3c8a79eed8 Changelog note for #605: 
- Merge PR #605: Fix EDNS to upstream where the same option could be
  attached more than once.
 2022-01-14 15:38:15 +01:00
gthess
f00d96a21b
Merge pull request #605 from NLnetLabs/sq-region 
Fix EDNS to upstream where the same option could be attached more than once
 2022-01-14 15:33:22 +01:00