upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-10 22:33:18 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
3509 commits 26 branches 209 tags 135 MiB
Commit graph

2543 commits

Author SHA1 Message Date
Wouter Wijngaards
128370ac14 - Fixup 724 fix for fname_after_chroot() calls. 
git-svn-id: file:///svn/unbound/trunk@3557 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 08:54:53 +00:00
Ralph Dolmans
a05bf09811 Implemented qname minimisation 
git-svn-id: file:///svn/unbound/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-30 16:10:26 +00:00
Wouter Wijngaards
12b29439f5 - Fix for #724: conf syntax to read files from run dir (on Windows). 
git-svn-id: file:///svn/unbound/trunk@3551 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-30 15:05:26 +00:00
Wouter Wijngaards
2c36a9a8bf - Fix for #720, fix unbound-control-setup windows batch file. 
git-svn-id: file:///svn/unbound/trunk@3550 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-25 07:22:05 +00:00
Wouter Wijngaards
84cf2c8afd - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3549 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-24 11:01:26 +00:00
Wouter Wijngaards
fcd476c81f - Fix #720: add windows scripts to zip bundle. 
git-svn-id: file:///svn/unbound/trunk@3548 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-24 10:55:18 +00:00
Wouter Wijngaards
2262975cab - Fix that malformed EDNS query gets a response without malformed EDNS. 
git-svn-id: file:///svn/unbound/trunk@3546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-20 09:09:55 +00:00
Wouter Wijngaards
2ceed35ca8 - Added assert on rrset cache correctness. 
git-svn-id: file:///svn/unbound/trunk@3545 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-20 08:08:11 +00:00
Wouter Wijngaards
152458c40b - spelling fixes from Igor Sobrado Delgado. 
git-svn-id: file:///svn/unbound/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 14:11:46 +00:00
Wouter Wijngaards
87a7408250 - newer acx_nlnetlabs.m4. 
git-svn-id: file:///svn/unbound/trunk@3543 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 07:45:41 +00:00
Wouter Wijngaards
39dc5be222 - Fixup DER encoded DSA signatures for libnettle. 
git-svn-id: file:///svn/unbound/trunk@3540 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 13:31:22 +00:00
Wouter Wijngaards
79b087b423 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3538 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 11:41:05 +00:00
Wouter Wijngaards
2a73ccd5b4 - refactor nsec3 hash implementation to be more library-portable. 
git-svn-id: file:///svn/unbound/trunk@3535 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 11:30:04 +00:00
Wouter Wijngaards
2bdea62a9e - Fix #594. libunbound: optionally use libnettle for crypto. 
Contributed by Luca Bruno.  Added --with-nettle for use with
  --with-libunbound-only.


git-svn-id: file:///svn/unbound/trunk@3533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 09:43:07 +00:00
Wouter Wijngaards
7c1131625c - Fix for lenient accept of reverse order DNAME and CNAME. 
git-svn-id: file:///svn/unbound/trunk@3530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 09:48:51 +00:00
Wouter Wijngaards
ac32f19928 - Change example.conf: ftp.internic.net to https://www.internic.net 
git-svn-id: file:///svn/unbound/trunk@3529 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-06 09:00:01 +00:00
Wouter Wijngaards
7ff9ded4bf - ACX_SSL_CHECKS no longer adds -ldl needlessly. 
git-svn-id: file:///svn/unbound/trunk@3528 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-04 23:16:36 +00:00
Wouter Wijngaards
92a31c1653 - Fix #718: Fix unbound-control-setup with support for env 
without HEREDOC bash support.


git-svn-id: file:///svn/unbound/trunk@3527 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-03 08:13:05 +00:00
Wouter Wijngaards
bdb24c91b2 - Fix #716: nodata proof with empty non-terminals and wildcards. 
git-svn-id: file:///svn/unbound/trunk@3526 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-29 13:08:15 +00:00
Wouter Wijngaards
1ebcdeac38 - patch from Doug Hogan for SSL_OP_NO_SSLvx options. 
git-svn-id: file:///svn/unbound/trunk@3525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-29 08:32:58 +00:00
Wouter Wijngaards
c585cbc2d9 - Fix checklock testcode for linux threads on exit. 
git-svn-id: file:///svn/unbound/trunk@3522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-28 10:28:26 +00:00
Wouter Wijngaards
ec9cee7fc2 - portability, replace snprintf if return value broken. 
git-svn-id: file:///svn/unbound/trunk@3518 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 13:47:50 +00:00
Wouter Wijngaards
eb21aa7ee9 changelog entry. 
git-svn-id: file:///svn/unbound/trunk@3517 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 12:06:03 +00:00
Wouter Wijngaards
374ee84b27 - detect libexpat without xml_StopParser function. 
git-svn-id: file:///svn/unbound/trunk@3515 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 10:22:05 +00:00
Wouter Wijngaards
995c8a6be6 - isblank() compat implementation. 
git-svn-id: file:///svn/unbound/trunk@3514 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 09:52:16 +00:00
Wouter Wijngaards
f24c3229ea - Fix #714: Document config to block private-address for IPv4 
mapped IPv6 addresses.


git-svn-id: file:///svn/unbound/trunk@3513 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-23 07:13:45 +00:00
Wouter Wijngaards
40c139cd8f - Fix #712: unbound-anchor appears to not fsync root.key. 
git-svn-id: file:///svn/unbound/trunk@3512 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-22 07:06:31 +00:00
Wouter Wijngaards
14bad4293a - trunk tracks development of 1.5.7. 
git-svn-id: file:///svn/unbound/trunk@3511 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-20 14:01:54 +00:00
Wouter Wijngaards
a9b560a207 1.5.6rc1 release tag has been created 
git-svn-id: file:///svn/unbound/trunk@3509 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-15 11:44:24 +00:00
Wouter Wijngaards
1d4330b1ff - Fix ldns_wire2str_rdata_scan for malformed RRs. 
his line, and those below, will be ignored--

M    trunk/doc/Changelog
M    trunk/sldns/wire2str.c


git-svn-id: file:///svn/unbound/trunk@3507 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-15 09:51:30 +00:00
Wouter Wijngaards
b4a7e9ad8d - Fix segfault in the dns64 module in the formaterror error path. 
git-svn-id: file:///svn/unbound/trunk@3506 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-15 09:02:01 +00:00
Wouter Wijngaards
b383dd40fa - Fix manpage to suggest using SIGTERM to terminate the server. 
git-svn-id: file:///svn/unbound/trunk@3505 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-14 12:22:49 +00:00
Wouter Wijngaards
b8d7976f57 - ANY responses include DNAME records if present, as per Evan Hunt's 
remark in dnsop.


git-svn-id: file:///svn/unbound/trunk@3504 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-14 08:02:14 +00:00
Wouter Wijngaards
71f891fae8 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3503 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-09 08:08:31 +00:00
Wouter Wijngaards
c3a45dde15 - Default for ssl-port is port 853, the temporary port assignment 
for secure domain name system traffic.
  If you used to rely on the older default of port 443, you have
  to put a clause in unbound.conf for that.  The new value is likely
  going to be the standardised port number for this traffic.


git-svn-id: file:///svn/unbound/trunk@3502 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-09 07:55:21 +00:00
Wouter Wijngaards
3703df0aa4 - trunk tracks the development of 1.5.6. 
git-svn-id: file:///svn/unbound/trunk@3500 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-06 09:57:08 +00:00
Wouter Wijngaards
53f3c2b248 - makedist.sh: pgp sig echo commands. 
git-svn-id: file:///svn/unbound/trunk@3497 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-28 14:46:38 +00:00
Wouter Wijngaards
bb06879b1e prepare 1.5.5rc1 release. 
git-svn-id: file:///svn/unbound/trunk@3495 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-28 13:50:36 +00:00
Wouter Wijngaards
0735cf0e53 - MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution 
failures.


git-svn-id: file:///svn/unbound/trunk@3494 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-28 07:21:48 +00:00
Wouter Wijngaards
725f11e349 - Fix unbound-control flush that does not succeed in removing data. 
git-svn-id: file:///svn/unbound/trunk@3493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-25 12:39:10 +00:00
Wouter Wijngaards
275a97e65f - Fix unbound.conf(5) access-control description for precedence 
and default.


git-svn-id: file:///svn/unbound/trunk@3492 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 13:04:53 +00:00
Wouter Wijngaards
baedbe8ccd - Fix minor error in unbound.conf.5.in 
git-svn-id: file:///svn/unbound/trunk@3491 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 12:59:32 +00:00
Wouter Wijngaards
66b21d16be - testbound selftest also works in non-debug mode. 
git-svn-id: file:///svn/unbound/trunk@3490 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 09:52:17 +00:00
Wouter Wijngaards
f2426b7796 - Fix #705: ub_ctx_set_fwd() return value mishandled on windows. 
git-svn-id: file:///svn/unbound/trunk@3489 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:59:10 +00:00
Wouter Wijngaards
e3351c3606 - Remove confusion comment from canonical_compare() function. 
git-svn-id: file:///svn/unbound/trunk@3488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:43:56 +00:00
Wouter Wijngaards
44644a7e7c - Fix #702: New IPs for for h.root-servers.net. 
git-svn-id: file:///svn/unbound/trunk@3487 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:35:03 +00:00
Wouter Wijngaards
032027dc56 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3486 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:04:45 +00:00
Wouter Wijngaards
897ee33df1 - Fix config globbed include chroot treatment, this fixes reload of 
globs (patch from Dag-Erling Smørgrav).


git-svn-id: file:///svn/unbound/trunk@3485 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:04:19 +00:00
Wouter Wijngaards
905297bdd3 - changed windows setup compression to be more transparent. 
git-svn-id: file:///svn/unbound/trunk@3484 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-31 07:44:36 +00:00
Wouter Wijngaards
62146024c3 - Feature #699: --enable-pie option to that builds PIE binary. 
- Feature #700: --enable-relro-now option that enables full read-only
  relocation.


git-svn-id: file:///svn/unbound/trunk@3483 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-28 14:27:03 +00:00
Wouter Wijngaards
5dd7c7bb4b - Fix #697: Get PY_MAJOR_VERSION failure at configure for python 
2.4 to 2.6.


git-svn-id: file:///svn/unbound/trunk@3480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-28 06:56:27 +00:00
Wouter Wijngaards
e65fdc31aa - Change default of harden-algo-downgrade to off. This is lenient 
for algorithm rollover.


git-svn-id: file:///svn/unbound/trunk@3478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-24 15:05:10 +00:00
Wouter Wijngaards
06838a2bad - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3477 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-24 12:52:40 +00:00
Wouter Wijngaards
9d9984a187 - Fix deadlock for local data add and zone add when unbound-control 
list_local_data printout is interrupted.


git-svn-id: file:///svn/unbound/trunk@3476 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-24 10:49:28 +00:00
Wouter Wijngaards
6da360d3bb - Reap the child process that libunbound spawns. 
git-svn-id: file:///svn/unbound/trunk@3473 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-13 14:17:44 +00:00
Wouter Wijngaards
08e6883578 - 5011 implementation does not insist on all algorithms, when 
harden-algo-downgrade is turned off.


git-svn-id: file:///svn/unbound/trunk@3471 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-13 12:03:53 +00:00
Wouter Wijngaards
2335e2b040 - Fix #694: configure script does not detect LibreSSL 2.2.2 
git-svn-id: file:///svn/unbound/trunk@3470 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-11 07:32:35 +00:00
Wouter Wijngaards
59d4acf6e5 - Document that local-zone nodefault matches exactly and transparent 
can be used to release a subzone.


git-svn-id: file:///svn/unbound/trunk@3468 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-04 07:10:26 +00:00
Wouter Wijngaards
0d38ea6b3a - Fix mktime in unbound-anchor not using UTC. 
git-svn-id: file:///svn/unbound/trunk@3467 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-03 15:00:56 +00:00
Wouter Wijngaards
771e7295ac - Fix 5011 anchor update timer after reload. 
git-svn-id: file:///svn/unbound/trunk@3466 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-03 11:56:37 +00:00
Wouter Wijngaards
bc58e8cb15 - Document in the manual more text about configuring locally served 
zones.


git-svn-id: file:///svn/unbound/trunk@3465 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-03 10:34:29 +00:00
Wouter Wijngaards
ee263cf6c5 - Added permit-small-holddown config to debug fast 5011 rollover. 
git-svn-id: file:///svn/unbound/trunk@3462 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-30 11:52:12 +00:00
Wouter Wijngaards
8a6817d1c9 - please afl-gcc (llvm) for uninitialised variable warning. 
git-svn-id: file:///svn/unbound/trunk@3461 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-30 08:51:51 +00:00
Wouter Wijngaards
9eb54a9a89 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3459 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 11:54:08 +00:00
Wouter Wijngaards
d889832892 - Fix #690: Reload fails when so-reuseport is yes after changing 
git-svn-id: file:///svn/unbound/trunk@3456 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 07:02:14 +00:00
Wouter Wijngaards
eed106b5e0 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3455 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:52:53 +00:00
Wouter Wijngaards
583b376217 - Fix configure to detect SSL_CTX_set_ecdh_auto. 
git-svn-id: file:///svn/unbound/trunk@3453 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:30:49 +00:00
Wouter Wijngaards
78c8224655 - Enable ECDHE for servers. Where available, use 
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
  enable ECDHE.  Otherwise, manually offer curve p256.
  Client connections should automatically use ECDHE when available.
  (thanks Daniel Kahn Gillmor)


git-svn-id: file:///svn/unbound/trunk@3452 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-20 06:56:01 +00:00
Willem Toorop
fa20564699 SSL_CTX_use_certificate_chain_file() should be used instead of the 
SSL_CTX_use_certificate_file() function in order to allow the use of
complete certificate chains even when no trusted CA storage is used or
when the CA issuing the certificate shall not be added to the trusted
CA storage.

Thanks Daniel Kahn Gillmore


git-svn-id: file:///svn/unbound/trunk@3451 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-18 12:34:37 +00:00
Wouter Wijngaards
da83146bce - makedist produces sha1 and sha256 files for created binaries too. 
git-svn-id: file:///svn/unbound/trunk@3448 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-13 07:53:53 +00:00
Wouter Wijngaards
f66a15d894 - Fix #681: Setting forwarders with unbound-control forward 
implicitly turns on forward-first.


git-svn-id: file:///svn/unbound/trunk@3447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-09 09:45:08 +00:00
Wouter Wijngaards
240c882954 trunk has 1.5.5 in development. 
git-svn-id: file:///svn/unbound/trunk@3446 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-09 09:40:12 +00:00
Wouter Wijngaards
a6bc6b5137 - Fix alloc with log for allocation size checks. 
git-svn-id: file:///svn/unbound/trunk@3442 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-29 10:19:42 +00:00
Wouter Wijngaards
41507d016c - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3440 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-29 07:09:04 +00:00
Wouter Wijngaards
c29276ba71 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3436 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:33:03 +00:00
Wouter Wijngaards
cb90782087 - Fix #677 Fix DNAME responses from cache that failed internal chain 
test.


git-svn-id: file:///svn/unbound/trunk@3435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:27:32 +00:00
Wouter Wijngaards
0884d263ef - Fix #677 Fix CNAME corresponding to a DNAME was checked incorrectly 
and was therefore always synthesized (thanks to Valentin Dietrich).


git-svn-id: file:///svn/unbound/trunk@3434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-22 09:23:43 +00:00
Wouter Wijngaards
6e65f728cc - RFC 7553 RR type URI support, is now enabled by default. 
git-svn-id: file:///svn/unbound/trunk@3433 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-04 12:30:29 +00:00
Wouter Wijngaards
4dae17108b - Fix #674: Do not free pointers given by getenv. 
git-svn-id: file:///svn/unbound/trunk@3432 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-02 07:31:43 +00:00
Wouter Wijngaards
94a6478e05 - SOA negative TTL is capped at minimumttl in its rdata section. 
- cache-max-negative-ttl config option, default 3600.


git-svn-id: file:///svn/unbound/trunk@3431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 14:51:36 +00:00
Wouter Wijngaards
4b0c7880e4 - Fix that unparseable error responses are ratelimited. 
git-svn-id: file:///svn/unbound/trunk@3429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 09:27:42 +00:00
Wouter Wijngaards
5f9d2314a1 - Document that ratelimit works with unbound-control set_option. 
git-svn-id: file:///svn/unbound/trunk@3428 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-26 09:18:21 +00:00
Wouter Wijngaards
bd89f4e7d5 - documentation proposes ratelimit of 1000 (closer to what upstream 
servers expect from us).


git-svn-id: file:///svn/unbound/trunk@3427 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-21 12:06:41 +00:00
Wouter Wijngaards
bf25a42b67 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3426 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-21 07:29:42 +00:00
Wouter Wijngaards
b5f391d845 - DLV is going to be decommissioned. Advice to stop using it, and 
put text in the example configuration and man page to that effect.


git-svn-id: file:///svn/unbound/trunk@3424 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-20 06:24:06 +00:00
Wouter Wijngaards
bfd78a8c23 - Change syntax of particular validator error to be easier for 
machine parse, swap rrset and ip adres info so it looks like:
  validation failure <www.example.nl. TXT IN>: signature crypto
  failed from 2001:DB8:7:bba4::53 for <*.example.nl. NSEC IN>


git-svn-id: file:///svn/unbound/trunk@3422 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-10 12:04:22 +00:00
Wouter Wijngaards
f03d3b870e - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
Wouter Wijngaards
b8eb1713e0 - Unit test for type ANY synthesis. 
git-svn-id: file:///svn/unbound/trunk@3419 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-30 10:27:27 +00:00
Wouter Wijngaards
ddff09a710 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3408 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-22 08:19:12 +00:00
Wouter Wijngaards
7efd7aba85 - Removed contrib/unbound_unixsock.diff, because it has been 
integrated, use control-interface: /path in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@3407 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-22 08:03:34 +00:00
Wouter Wijngaards
ff898bfdd6 - Synthesize ANY responses from cache. Does not search exhaustively, 
but MX,A,AAAA,SOA,NS also CNAME.
- Fix leaked dns64prefix configuration string.


git-svn-id: file:///svn/unbound/trunk@3405 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-17 14:58:07 +00:00
Wouter Wijngaards
863b12ffd4 #664: Fix issue with Python 3 mapping of FILE* using file_py3.i from ldns. 
git-svn-id: file:///svn/unbound/trunk@3403 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:41:14 +00:00
Wouter Wijngaards
da612901d7 #664: libunbound-Python: libldns is not used anymore. 
git-svn-id: file:///svn/unbound/trunk@3402 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:38:38 +00:00
Wouter Wijngaards
f5442e9c5b #664: libunbound examples: produce sorted output. 
git-svn-id: file:///svn/unbound/trunk@3401 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:37:12 +00:00
Wouter Wijngaards
9e6fa9f687 - Fix bug#664: libunbound python3 related fixes (from Tomas Hozza) 
Use print_function also for Python2.


git-svn-id: file:///svn/unbound/trunk@3400 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:35:55 +00:00
Wouter Wijngaards
628ff05285 - Ratelimit does not apply to prefetched queries, and ratelimit-factor 
is default 10.  Repeated normal queries get resolved and with
  prefetch stay in the cache.


git-svn-id: file:///svn/unbound/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:18:50 +00:00
Wouter Wijngaards
e25ac1c2eb - Add local-zone type inform_deny, that logs query and drops answer. 
git-svn-id: file:///svn/unbound/trunk@3398 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 08:23:06 +00:00
Wouter Wijngaards
13b482c418 manpage for ratelimit_list 
git-svn-id: file:///svn/unbound/trunk@3397 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 14:07:25 +00:00
Wouter Wijngaards
69d2fd7818 - Fix#663: ssl handshake fails when using unix socket because dh size 
is too small.


git-svn-id: file:///svn/unbound/trunk@3396 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 13:56:12 +00:00
Wouter Wijngaards
55412b2645 - Fix that get_option for cache-sizes does not print double newline. 
git-svn-id: file:///svn/unbound/trunk@3395 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 13:43:44 +00:00
Wouter Wijngaards
85192d4569 - unbound-control ratelimit_list lists high rate domains. 
git-svn-id: file:///svn/unbound/trunk@3393 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 12:13:59 +00:00
Wouter Wijngaards
bc658e0361 Fixes. 
git-svn-id: file:///svn/unbound/trunk@3392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 10:57:25 +00:00
Wouter Wijngaards
e30a90febc - ratelimit feature, ratelimit: 100, or some sensible qps, can be 
used to turn it on.  It ratelimits recursion effort per zone.
  For particular names you can configure exceptions in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 09:59:57 +00:00
Wouter Wijngaards
e0631733a6 - Fix crash in dnstap: Do not try to log TCP responses after timeout. 
git-svn-id: file:///svn/unbound/trunk@3390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-08 19:58:06 +00:00
Wouter Wijngaards
53008d7969 - unbound-control list_insecure command shows the negative trust 
anchors currently configured, patch from Jelte Jansen.


git-svn-id: file:///svn/unbound/trunk@3389 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-07 13:50:09 +00:00
Wouter Wijngaards
08b8c34940 typo fix. 
(svn:NO TEST)


git-svn-id: file:///svn/unbound/trunk@3388 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-07 12:10:37 +00:00
Wouter Wijngaards
32f808fcfa - Unbound exits with a fatal error when the auto-trust-anchor-file 
fails to be writable.  This is seconds after startup.  You can
  load a readonly auto-trust-anchor-file with trust-anchor-file.
  The file has to be writable to notice the trust anchor change,
  without it, a trust anchor change will be unnoticed and the system
  will then become unoperable.


git-svn-id: file:///svn/unbound/trunk@3387 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-07 12:03:05 +00:00
Wouter Wijngaards
11b13d5928 - Libunbound skips dos-line-endings from etc/hosts. 
git-svn-id: file:///svn/unbound/trunk@3384 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-07 07:51:43 +00:00
Wouter Wijngaards
40c0bbf371 - Fix #660: Fix interface-automatic broken in the presence of 
asymmetric routing.


git-svn-id: file:///svn/unbound/trunk@3383 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-02 10:02:01 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
de61a65867 - remote.c probedelay line is easier to read. 
git-svn-id: file:///svn/unbound/trunk@3379 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 09:46:06 +00:00
Wouter Wijngaards
7a9ccf858c - If unknown trust anchor algorithm, and libressl is used, error 
message encourages upgrade of the libressl package.


git-svn-id: file:///svn/unbound/trunk@3378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-25 16:04:05 +00:00
Wouter Wijngaards
ebbe43098a - Fix #657: libunbound(3) recommends deprecated 
CRYPTO_set_id_callback.


git-svn-id: file:///svn/unbound/trunk@3377 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-25 08:06:35 +00:00
Wouter Wijngaards
bd404f5fd3 - Fix segfault on user not found at startup (from Maciej Soltysiak). 
git-svn-id: file:///svn/unbound/trunk@3375 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-23 20:20:15 +00:00
Wouter Wijngaards
6feb8fb6a5 - Fixes to add integer overflow checks on allocation (defense in depth). 
git-svn-id: file:///svn/unbound/trunk@3372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:36:25 +00:00
Wouter Wijngaards
77088b12ff - Add ip-transparent config option for bind to non-local addresses. 
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:50:35 +00:00
Wouter Wijngaards
63b5d109f8 - Use reallocarray for integer overflow protection, patch submitted 
by Loganaden Velvindron.


git-svn-id: file:///svn/unbound/trunk@3365 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-17 08:24:24 +00:00
Wouter Wijngaards
29f18d8f86 - Fixup compile on cygwin, more portable openssl thread id. 
git-svn-id: file:///svn/unbound/trunk@3362 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-16 10:51:32 +00:00
Wouter Wijngaards
3568ea8bb5 - Updated default keylength in unbound-control-setup to 3k. 
git-svn-id: file:///svn/unbound/trunk@3361 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-12 15:34:03 +00:00
Wouter Wijngaards
bac2305fa6 - Fix warning on sign compare in getentropy_linux. 
git-svn-id: file:///svn/unbound/trunk@3360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-10 10:29:55 +00:00
Wouter Wijngaards
4bb7d2b3b1 - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3359 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-10 10:17:45 +00:00
Wouter Wijngaards
ed7b7bef11 print svnroot for windows makedist. 1.5.4 in configure.ac 
git-svn-id: file:///svn/unbound/trunk@3358 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-10 10:03:45 +00:00
Wouter Wijngaards
23b58890e5 - Fix lintian warning in unbound-checkconf man page (from Andreas 
Schulze).


git-svn-id: file:///svn/unbound/trunk@3356 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-10 08:00:40 +00:00
Wouter Wijngaards
56aefe656b - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-09 13:39:27 +00:00
Wouter Wijngaards
49250ef291 - Fix #644: harden-algo-downgrade option, if turned off, fixes the 
reported excessive validation failure when multiple algorithms
  are present.  It allows the weakest algorithm to validate the zone.


git-svn-id: file:///svn/unbound/trunk@3354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-09 13:30:37 +00:00
Wouter Wijngaards
b87e7c90be - stats reports tcp usage, of incoming-num-tcp buffers. 
git-svn-id: file:///svn/unbound/trunk@3353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-05 15:23:14 +00:00
Wouter Wijngaards
ab539746ff - Document that incoming-num-tcp increase is good for large servers. 
git-svn-id: file:///svn/unbound/trunk@3352 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-05 11:41:29 +00:00
Wouter Wijngaards
a197bcaa0c - contrib/unbound_smf22.tar.gz: Solaris SMF installation/removal 
scripts.  Contributed by Yuri Voinov.


git-svn-id: file:///svn/unbound/trunk@3351 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-05 08:18:59 +00:00
Wouter Wijngaards
67c6df20aa - Document windows 8 tests. 
git-svn-id: file:///svn/unbound/trunk@3350 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 13:24:27 +00:00
Wouter Wijngaards
7e50976476 - store caps_response with best response in case downgrade response 
happens to be the last one.


git-svn-id: file:///svn/unbound/trunk@3348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:31:26 +00:00
Wouter Wijngaards
54771e5b3d - many nameservers does not try to compare more than max-sent-count, 
parse failures start 0x20 fallback procedure.


git-svn-id: file:///svn/unbound/trunk@3347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:06:05 +00:00
Wouter Wijngaards
ab62061196 - 0x20 fallback improved, better handling of servfail responses, 
they do not count as missing comparisons (except if all are failed),
  and better handling of inability to find nameservers, no more
  nameservers can be found results in fallback acceptance.


git-svn-id: file:///svn/unbound/trunk@3346 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 08:30:17 +00:00
Wouter Wijngaards
34283df859 - Patch from Brad Smith that syncs compat/getentropy_linux with 
OpenBSD's version (2015-03-04).


git-svn-id: file:///svn/unbound/trunk@3345 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 07:18:09 +00:00
Wouter Wijngaards
bd05a6de8c - tag 1.5.3rc1 
git-svn-id: file:///svn/unbound/trunk@3344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-03 13:37:53 +00:00
Wouter Wijngaards
929b5c08ee iana portlist update 
git-svn-id: file:///svn/unbound/trunk@3342 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-02 11:03:14 +00:00
Wouter Wijngaards
a226533c8b - Fix #647 crash in 1.5.2 because pwd.db no longer accessible after 
reload.


git-svn-id: file:///svn/unbound/trunk@3341 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-20 14:48:04 +00:00
Wouter Wijngaards
34402f8455 - Fix #646 Portability to Solaris, -lrt for getentropy_solaris. 
git-svn-id: file:///svn/unbound/trunk@3340 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-20 14:03:41 +00:00
Wouter Wijngaards
679f545d08 - Portability to Solaris 10, use AF_LOCAL. 
git-svn-id: file:///svn/unbound/trunk@3339 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-20 13:55:09 +00:00
Wouter Wijngaards
160dd56c4a - Use the getrandom syscall introduced in Linux 3.17 (from Heiner Kallweit). 
git-svn-id: file:///svn/unbound/trunk@3338 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-20 09:19:32 +00:00
Wouter Wijngaards
a6eb4fd0a8 - 1.5.2 release tag. 
- svn trunk contains 1.5.3 under development.


git-svn-id: file:///svn/unbound/trunk@3337 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-19 15:16:40 +00:00
Wouter Wijngaards
29db65b4a8 - Fix #643: doc/example.conf.in: unnecessary whitespace. 
git-svn-id: file:///svn/unbound/trunk@3335 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-13 11:02:46 +00:00
Wouter Wijngaards
a7e433d0b1 - tag 1.5.2rc1 
git-svn-id: file:///svn/unbound/trunk@3334 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-12 15:33:20 +00:00
Wouter Wijngaards
d979a5bafe - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3331 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-11 07:24:57 +00:00
Wouter Wijngaards
025f36b169 - Fix scrubber with harden-glue turned off to reject NS (and other 
not-address) records.


git-svn-id: file:///svn/unbound/trunk@3330 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-10 14:01:45 +00:00
Wouter Wijngaards
e08aa7c5e1 - Fix validation failure in case upstream forwarder (ISC BIND) does 
not have the same trust anchors and decides to insert unsigned NS
  record in authority section.


git-svn-id: file:///svn/unbound/trunk@3329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-09 11:44:46 +00:00
Wouter Wijngaards
3ef33154e5 - infra-cache-min-rtt patch from Florian Riehm, for expected long 
uplink roundtrip times.


git-svn-id: file:///svn/unbound/trunk@3328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-02 08:46:22 +00:00
Wouter Wijngaards
83ba5ffcf4 - Portability fix for Solaris ('sun' is not usable for a variable). 
git-svn-id: file:///svn/unbound/trunk@3326 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-30 15:32:59 +00:00
Wouter Wijngaards
3d66ef2b92 - Fix 0x20 capsforid fallback to omit gratuitous NS and additional 
section changes.


git-svn-id: file:///svn/unbound/trunk@3323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-30 09:35:38 +00:00
Wouter Wijngaards
d17b312471 - Fix pyunbound byte string representation for python3. 
git-svn-id: file:///svn/unbound/trunk@3322 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-29 16:10:51 +00:00
Wouter Wijngaards
15d16580a8 - Fix unintended use of gcc extension for incomplete enum types, 
compile with pedantic c99 compliance (from Daniel Dickman).


git-svn-id: file:///svn/unbound/trunk@3321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-26 08:46:40 +00:00