upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
2327 commits 23 branches 209 tags 123 MiB
Commit graph

1584 commits

Author SHA1 Message Date
Wouter Wijngaards
f7b911b120 - add get and set option for harden-below-nxdomain feature. 
git-svn-id: file:///svn/unbound/trunk@2377 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-17 12:31:28 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
790cb51775 - Fix prefetch so it does not get stuck on old server for moved names. 
git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-13 10:13:01 +00:00
Wouter Wijngaards
583eabb13e iana portlist updated 
git-svn-id: file:///svn/unbound/trunk@2370 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-12 08:55:27 +00:00
Wouter Wijngaards
4a746142cf - Fix insecure CNAME sequence marked as secure, reported by Bert Hubert. 
git-svn-id: file:///svn/unbound/trunk@2369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-11 12:32:29 +00:00
Wouter Wijngaards
35c3a25896 - faster lruhash get_mem routine. 
git-svn-id: file:///svn/unbound/trunk@2366 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-10 13:28:48 +00:00
Wouter Wijngaards
05e9f914c5 iana portlist updated. 
git-svn-id: file:///svn/unbound/trunk@2364 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-04 07:28:36 +00:00
Wouter Wijngaards
046143af20 Fix bug #346: itar is discontinued. 
git-svn-id: file:///svn/unbound/trunk@2363 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-04 06:53:57 +00:00
Wouter Wijngaards
0bc54677db - Fix in infra cache that could cause rto larger than TOP_TIMEOUT kept. 
git-svn-id: file:///svn/unbound/trunk@2361 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-23 10:49:47 +00:00
Wouter Wijngaards
15b14306ed iana portlist updated 
git-svn-id: file:///svn/unbound/trunk@2359 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-21 14:43:29 +00:00
Wouter Wijngaards
daab92e954 - algorithm compromise protection using the algorithms signalled in 
the DS record.  Also, trust anchors, DLV, and RFC5011 receive this,
         and thus, if you have multiple algorithms in your trust-anchor-file
         then it will now behave different than before.  Also, 5011 rollover
         for algorithms needs to be double-signature until the old algorithm
         is revoked.


git-svn-id: file:///svn/unbound/trunk@2358 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-21 14:19:55 +00:00
Wouter Wijngaards
c4c8a65ff2 - fix validation in this case: CNAME to nodata for co-hosted opt-in 
NSEC3 insecure delegation, was bogus, fixed to be insecure.


git-svn-id: file:///svn/unbound/trunk@2355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-17 10:05:56 +00:00
Wouter Wijngaards
f8796f94f4 squelch 'tcp connect: bla' errors in logfile. 
git-svn-id: file:///svn/unbound/trunk@2354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-17 09:10:46 +00:00
Wouter Wijngaards
ecb9db442d - Fix our 'BDS' license (typo reported by Xavier Belanger). 
git-svn-id: file:///svn/unbound/trunk@2353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-16 16:18:30 +00:00
Wouter Wijngaards
57f309ab1d - iana portlist updated. 
- review changes for unbound-anchor.


git-svn-id: file:///svn/unbound/trunk@2351 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-10 15:01:39 +00:00
Wouter Wijngaards
dd8e44ac37 - feature typetransparent localzone, does not block other RR types. 
git-svn-id: file:///svn/unbound/trunk@2350 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-02 12:39:33 +00:00
Wouter Wijngaards
9997255caa - Fix bug#338: print address when socket creation fails. 
git-svn-id: file:///svn/unbound/trunk@2349 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-01 09:59:39 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00
Wouter Wijngaards
78cc3d8ae1 harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
Wouter Wijngaards
5e62750fcd - make test output nicer. 
git-svn-id: file:///svn/unbound/trunk@2346 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-17 15:50:52 +00:00
Wouter Wijngaards
289f13bc25 - implement draft-vixie-dnsext-resimprove-00, we stop on NXDOMAIN. 
git-svn-id: file:///svn/unbound/trunk@2345 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-17 10:02:34 +00:00
Wouter Wijngaards
8c5b3d3c8f - so-sndbuf option for very busy servers, a bit like so-rcvbuf. 
git-svn-id: file:///svn/unbound/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 14:30:34 +00:00
Wouter Wijngaards
e430e8cef8 errno filtering better: sendto and sendmsg filtered in the same way. Also 
ENETDOWN and ENETUNREACH for tcp (already had EHOSTDOWN and EHOSTUNREACH).


git-svn-id: file:///svn/unbound/trunk@2343 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 14:00:20 +00:00
Wouter Wijngaards
95da05c4bc iana portlist updated. 
git-svn-id: file:///svn/unbound/trunk@2342 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 13:16:09 +00:00
Wouter Wijngaards
c9dbc9907a - silence 'tcp connect: broken pipe' at low verbosity. 
git-svn-id: file:///svn/unbound/trunk@2341 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 13:15:23 +00:00
Wouter Wijngaards
6976832ffe unbound-anchor portable with openssl 0.9.7. 
git-svn-id: file:///svn/unbound/trunk@2340 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-09 16:05:02 +00:00
Wouter Wijngaards
2fe65ab2b5 - Be lenient and accept imgw.pl malformed packet (like BIND). 
git-svn-id: file:///svn/unbound/trunk@2339 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-08 18:32:55 +00:00
Wouter Wijngaards
4e8ae039fa move to version 1.4.8 
git-svn-id: file:///svn/unbound/trunk@2338 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-08 13:22:54 +00:00
Wouter Wijngaards
0b30fca935 - do not synthesize a CNAME message from cache for qtype DS. 
git-svn-id: file:///svn/unbound/trunk@2335 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-05 15:29:50 +00:00
Wouter Wijngaards
d748bca7de use central entropy to seed threads. 
git-svn-id: file:///svn/unbound/trunk@2330 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-04 11:38:23 +00:00
Wouter Wijngaards
a3a1119f54 - Change the rtt used to probe EDNS-timeout hosts to 1000 msec. 
git-svn-id: file:///svn/unbound/trunk@2329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-03 09:06:49 +00:00
Wouter Wijngaards
98c4161631 code review. 
git-svn-id: file:///svn/unbound/trunk@2327 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-02 10:03:18 +00:00
Wouter Wijngaards
93ffd44608 GOST code enabled by default (RFC 5933) 
git-svn-id: file:///svn/unbound/trunk@2323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-01 11:24:07 +00:00
Wouter Wijngaards
fcf1157fa4 - Configure detects libev-4.00. 
git-svn-id: file:///svn/unbound/trunk@2322 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-29 15:03:20 +00:00
Wouter Wijngaards
488aee467a - Fix validation failure for parent and child on same server with an 
insecure childzone and a CNAME from parent to child.


git-svn-id: file:///svn/unbound/trunk@2321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-29 13:10:26 +00:00
Wouter Wijngaards
ba340cd07a - Fix uninit value in dump_infra print. 
git-svn-id: file:///svn/unbound/trunk@2320 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-29 10:20:40 +00:00
Wouter Wijngaards
498cc8ab88 - Change of timeout code. No more lost and backoff in blockage. 
At 12sec timeout (and at least 2x lost before) one probe per IP
  is allowed only.  At 120sec, the IP is blocked.  After 15min, a
  120sec entry has a single retry packet.


git-svn-id: file:///svn/unbound/trunk@2311 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:02:08 +00:00
Wouter Wijngaards
573ce5a4de - no timeout backoff if meanwhile a query succeeded. 
git-svn-id: file:///svn/unbound/trunk@2308 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 12:15:00 +00:00
Wouter Wijngaards
f2ae3e8167 dump_infra and flush_infra commands for unbound-control. 
git-svn-id: file:///svn/unbound/trunk@2306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 09:08:33 +00:00
Wouter Wijngaards
d0f2287d44 + - Configure errors if ldns is not found. 
git-svn-id: file:///svn/unbound/trunk@2305 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-25 07:44:33 +00:00
Wouter Wijngaards
5533861c28 - Windows 7 fix for installer. 
git-svn-id: file:///svn/unbound/trunk@2304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-22 07:34:28 +00:00
Wouter Wijngaards
2bdb094f7b - Fix bug where fallback_tcp causes wrong roundtrip and edns 
observation to be noted in cache.  Fix bug where EDNSprobe halted
  exponential backoff if EDNS status unknown.
- new unresponsive host method, exponentially increasing block backoff.
- iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2303 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-21 15:11:39 +00:00
Wouter Wijngaards
c5fe4a8bf3 Enable interface-automatic for people for whom it works. 
git-svn-id: file:///svn/unbound/trunk@2300 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-20 05:36:00 +00:00
Wouter Wijngaards
e238b47b0a Fix for request list growth. 
git-svn-id: file:///svn/unbound/trunk@2298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-19 14:53:29 +00:00
Wouter Wijngaards
2645b3e634 iana portlist updated 
git-svn-id: file:///svn/unbound/trunk@2296 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-18 08:45:46 +00:00
Wouter Wijngaards
5d2ef1f925 - unbound-anchor handles ADDPEND keystate. 
git-svn-id: file:///svn/unbound/trunk@2281 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 12:04:37 +00:00
Wouter Wijngaards
1b773f682f - Fix TCP so it uses a random outgoing-interface. 
git-svn-id: file:///svn/unbound/trunk@2280 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 08:52:29 +00:00
Wouter Wijngaards
cf72b1a55d ldns tarball updated. 
git-svn-id: file:///svn/unbound/trunk@2277 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 13:07:44 +00:00
Wouter Wijngaards
64fba64826 iana portlist updated 
git-svn-id: file:///svn/unbound/trunk@2276 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:30:57 +00:00
Wouter Wijngaards
46345c0809 - Fix bug when DLV below a trust-anchor that uses NSEC3 optout where 
the zone has a secure delegation hosted on the same server did not
         verify as secure (it was insecure by mistake).


git-svn-id: file:///svn/unbound/trunk@2275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:21:19 +00:00