upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-23 16:20:26 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
7202 commits 23 branches 209 tags 123 MiB
Commit graph

316 commits

Author SHA1 Message Date
George Thessalonikefs
08968baec1 - Fix error cases when udp-connect is set and send() returns an error 
(modified patch from Xin Li @delphij).
 2020-12-16 17:11:41 +01:00
Wouter Wijngaards
48c038391a
Merge pull request #373 from fobser/void-arithmetic 
Warning: arithmetic on a pointer to void is a GNU extension.
 2020-12-11 14:07:30 +01:00
Wouter Wijngaards
29b5b25852
Merge pull request #335 from fobser/static 
Sprinkle in some static to prevent missing prototype warnings.
 2020-12-11 14:03:46 +01:00
Florian Obser
15e1b16da0 Warning: arithmetic on a pointer to void is a GNU extension. 2020-12-11 14:00:20 +01:00
W.C.A. Wijngaards
7077660932 - Fix to squelch permission denied and other errors from remote host, 
they are logged at higher verbosity but not on low verbosity.
 2020-12-11 10:30:54 +01:00
W.C.A. Wijngaards
6bf1293bcd No need for mk_local_addr, can pass the sockaddr structure. 2020-12-09 11:56:35 +01:00
W.C.A. Wijngaards
72d3b588ca For the DoH create_http_handler, also pass the socket. 2020-12-09 11:29:57 +01:00
W.C.A. Wijngaards
31cedb47cb Remove unused whitespace, add missing header change, make it compile 2020-12-09 11:13:58 +01:00
W.C.A. Wijngaards
bdfa65c6ab Import the patches from the files in the tarball in 
issue #365 https://github.com/NLnetLabs/unbound/files/5659923/patches.tar.gz
from iruzanov.  The merge conflicts are fixed, but no changes are made
to the patched code.
 2020-12-09 11:00:51 +01:00
W.C.A. Wijngaards
9eeb95a960 - Fix update, with write event check with streamreuse and fastopen. 2020-12-02 16:17:26 +01:00
W.C.A. Wijngaards
0502ab3026 - Fix for #283: fix stream reuse and tcp fast open. 2020-12-02 15:42:24 +01:00
W.C.A. Wijngaards
e049fb303c - Fix on windows to ignore connection failure on UDP, unless verbose. 2020-12-02 11:58:24 +01:00
W.C.A. Wijngaards
16c496bff6 - Fix #356: deadlock when listening tcp. 2020-12-02 10:10:27 +01:00
W.C.A. Wijngaards
1ebf851bf0 - Fix #360: for the additionally reported TCP Fast Open makes TCP 
connections fail, in that case we print a hint that this is
  happening with the error in the logs.
 2020-12-02 09:51:26 +01:00
W.C.A. Wijngaards
67a0614db7 - Fix that after failed read, the readagain cannot activate. 2020-11-26 12:12:52 +01:00
W.C.A. Wijngaards
4a8669612a - Fix to omit UDP receive errors from log, if verbosity low. 
These happen because of udp-connect.
 2020-11-26 09:39:54 +01:00
W.C.A. Wijngaards
e50152aa1f - Fix readagain and writeagain callback functions for comm point 
cleanup.
 2020-11-25 13:46:28 +01:00
W.C.A. Wijngaards
15e8f5c6d4 - Fix udp-connect on FreeBSD, do send calls on connected UDP socket. 2020-11-25 09:55:01 +01:00
W.C.A. Wijngaards
5924a591be - with udp-connect ignore connection refused with UDP timeouts. 2020-11-25 09:41:06 +01:00
Florian Obser
9fb65e2b9e Sprinkle in some static to prevent missing prototype warnings. 2020-10-28 14:15:23 +01:00
W.C.A. Wijngaards
78e9b8949c Merge branch 'master' into stream-reuse 
Resolved comm_point_start_listening conflict for socket close.
 2020-10-21 09:54:03 +02:00
W.C.A. Wijngaards
531ce9e85c Fixup for clear of tcp handler structure. 2020-10-19 13:36:53 +02:00
W.C.A. Wijngaards
68c57314c4 - Fix to set the tcp handler event toggle flag back to default when 
the handler structure is reused.
 2020-10-19 12:55:43 +02:00
W.C.A. Wijngaards
ab9d732796 - Log ip address when http session recv fails, eg. due to tls fail. 2020-10-19 11:06:55 +02:00
W.C.A. Wijngaards
a3e2bfbb0c - Fix #330: [Feature request] Add unencrypted DNS over HTTPS support. 
This adds the option http-notls-downstream: yesno to change that,
  and the dohclient test code has the -n option.
 2020-10-19 10:24:03 +02:00
Ralph Dolmans
4ae823fbc2 Merge branch 'master' into doh 2020-09-16 18:38:51 +02:00
Ralph Dolmans
42a35ac26e - Final round of DoH review feedback processing. 2020-09-16 18:25:02 +02:00
Ralph Dolmans
a3be2b73b6 Properly handle http_endpoint malloc failure. 2020-09-10 13:05:55 +02:00
W.C.A. Wijngaards
47a5dc8cae - Refactor to use sock_strerr shorthand function. 2020-08-31 09:12:01 +02:00
W.C.A. Wijngaards
a6dc0743b4 - Merge PR #293: Add missing prototype. Also refactor to use the new 
shorthand function to clean up the code.
 2020-08-31 08:41:34 +02:00
W.C.A. Wijngaards
8b43b94b22 Merge branch 'master' into stream-reuse 2020-07-22 09:53:57 +02:00
Ralph Dolmans
14a0433470 - Merge PR #234 - Ensure proper alignment of cmsg buffers by Jérémie 
Courrèges-Anglas.
- Fix PR #234 log_assert sizeof to use union buffer.
 2020-07-17 13:07:03 +02:00
W.C.A. Wijngaards
766005a356 stream reuse, in callbacks, removed whitespace. 2020-07-13 15:45:16 +02:00
W.C.A. Wijngaards
19a35fb839 stream reuse, write and read again if more data can go over the channel, 
this amortizes the event loop mechanism for busy channels, for performance.
 2020-07-13 15:16:59 +02:00
W.C.A. Wijngaards
9914b7216b stream reuse, remove debug output 2020-07-10 16:06:17 +02:00
W.C.A. Wijngaards
7a69ff4182 fix that ssl_handle_it() uses tcp_is_reading in tcp_write_and_read mode. 
fix that netevent tcp_write_and_read mode does not close due to error from
assert that not both write and read happen at the same time.
 2020-07-10 15:37:30 +02:00
W.C.A. Wijngaards
e95edd3d36 debug prints in verbose output. 2020-07-09 13:41:50 +02:00
W.C.A. Wijngaards
ccc9e0749c stream reuse toggle write and read to only read mode when write is done. 
tcp callback from stream read without entry linked.
 2020-07-09 13:41:03 +02:00
W.C.A. Wijngaards
cfe009a31c tcp read and write handling of write events in netevent for tcp and ssl. 2020-06-26 16:05:15 +02:00
W.C.A. Wijngaards
64c8d18814 in tcp write callback routine dont reset read byte count if write and read. 
in tcp write callback and write and read and write is done perform callback.
tcp connection is selected to not toggle readwrite and give closed callback.
 2020-06-26 10:54:13 +02:00
W.C.A. Wijngaards
39a50f30a3 tcp callback handle timeout event for read and reuse keepalive. 2020-06-25 14:26:29 +02:00
Ralph Dolmans
0fbfce4c99 - Add DoH tests 2020-06-24 14:04:34 +02:00
W.C.A. Wijngaards
fd723aed27 tcp connection is stored and picked up for reuse 
fix that comm_point_start_listening does not close the same fd that is started.
 2020-06-03 17:24:26 +02:00
Ralph Dolmans
8fc2320b5c - Add mem.http.query_buffer and mem.http.response_buffer stats 
- Add configurable limits for http-query-buffer-size and
  http-response-buffer-size
- Make http endpoint, max_streams, and TCP_NODELAY for HTTP sockets
  configurable.
 2020-05-12 18:12:19 +02:00
Jeremie Courreges-Anglas
8175161059 Ensure proper alignment of cmsg buffers 
The cmsg macros expect a control message buffer to be aligned like
a struct cmsghdr.  The current layout around those stack-allocated
buffers probably provides the required alignment (usually 4 bytes).
Use a union to enforce proper alignment, in case future changes modify
the stack layout.

Spotted when chasing an unrelated bug with Otto Moerbeek (@omoerbeek).
 2020-05-10 17:23:33 +02:00
Ralph Dolmans
e7601870cc Merge branch 'master' into doh 2020-05-07 17:12:26 +02:00
Ralph Dolmans
8dae5d9f81 - Add DNS-over-HTTPS support 2020-05-07 16:36:26 +02:00
Willem Toorop
af0bd5b0b4 Send tcp_req_info->spool_buffer as dnstap CLIENT_RESPONSE 
When tcp_req_info exists. This fixes that dnstap CLIENT_RESPONSE messages did not contain the response message when answering on statful transport for uncached responses.
 2020-03-30 12:19:17 +02:00
Willem Toorop
9d9eee8402 Fix uncached CLIENT_RESPONSE'es on stateful transports 
Because repinfo->c->buffer does not contain the response when the it did not came from cache.
Only after tcp_req_info_send_reply is called, is the response on the buffer which is used to fill the dnstap protobuf's.
 2020-03-30 11:39:07 +02:00
W.C.A. Wijngaards
25a88d6d54 dnstap io, check peer verification in dtstream dtio_ssl_handshake. 2020-02-12 15:23:58 +01:00
W.C.A. Wijngaards
dc31cf3652 dnstap unbound-dnstap-sock, read from TLS. 2020-01-31 14:03:28 +01:00
W.C.A. Wijngaards
6c0a863584 - Fix to silence the tls handshake errors for broken pipe and reset 
by peer, unless verbosity is set to 2 or higher.
 2020-01-28 14:32:06 +01:00
Havard Eidnes
dc0b1699e5 In tcp_callback_writer(), don't disable time-out when changing to read. 2019-11-26 00:02:34 +01:00
W.C.A. Wijngaards
3a49e683ed - Fix Enum Name not Used, reported by X41 D-Sec. 2019-11-20 14:22:06 +01:00
W.C.A. Wijngaards
3907876eac - Fix Unrequired Checks, reported by X41 D-Sec. 2019-11-20 14:05:54 +01:00
W.C.A. Wijngaards
d05d6b959a - fixes for splint cleanliness, long vs int in SSL set_mode. 2019-11-13 15:16:27 +01:00
W.C.A. Wijngaards
05b9f4fd28 - Fix #71: fix openssl error squelch commit compilation error. 2019-09-04 08:44:19 +02:00
W.C.A. Wijngaards
1089fd6dc1 - squelch DNS over TLS errors 'ssl handshake failed crypto error' 
on low verbosity, they show on verbosity 3 (query details), because
  there is a high volume and the operator cannot do anything for the
  remote failure.  Specifically filters the high volume errors.
 2019-09-03 09:47:27 +02:00
W.C.A. Wijngaards
af6c5dea43 - Fix another spoolbuf storage code point, in prefetch. 2019-06-12 08:32:45 +02:00
W.C.A. Wijngaards
a95f5fd5cb - Squelch log messages from tcp send about connection reset by peer. 
They can be enabled with verbosity at higher values for diagnosing
  network connectivity issues.
 2019-05-13 10:39:39 +02:00
Wouter Wijngaards
ab6f1d0fc7 - Fix tls write event for read state change to re-call SSL_write and 
not resume the TLS handshake.


git-svn-id: file:///svn/unbound/trunk@5159 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-15 11:52:21 +00:00
Wouter Wijngaards
c8a56bfa8f - Squelch SSL read and write connection reset by peer and broken pipe 
messages.  Verbosity 2 and higher enables them.


git-svn-id: file:///svn/unbound/trunk@5158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 15:04:32 +00:00
Wouter Wijngaards
c6369e9ffa - Fix that auth zone fails over to next master for timeout in tcp. 
git-svn-id: file:///svn/unbound/trunk@5155 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 13:41:53 +00:00
Wouter Wijngaards
348cbab016 - Fix to reinit event structure for accepted TCP (and TLS) sockets. 
git-svn-id: file:///svn/unbound/trunk@5148 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-05 14:11:28 +00:00
Wouter Wijngaards
a777329b7f - Fix spelling error in log output for event method. 
git-svn-id: file:///svn/unbound/trunk@5147 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-04 14:28:39 +00:00
Wouter Wijngaards
225534e5ab - Fix #4227: pair event del and add for libevent for tcp_req_info. 
git-svn-id: file:///svn/unbound/trunk@5122 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-02-25 15:48:27 +00:00
Wouter Wijngaards
f11d6653d6 - Fix that tcp for auth zone and outgoing does not remove and 
then gets the ssl read again applied to the deleted commpoint.


git-svn-id: file:///svn/unbound/trunk@5074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-25 12:46:15 +00:00
Wouter Wijngaards
f5dcd84d27 Fix reread of buffer data, better, also for TCP. 
git-svn-id: file:///svn/unbound/trunk@5045 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 14:14:12 +00:00
Wouter Wijngaards
be4583ac84 - Fix that multiple dns fragments can be carried in one TLS frame. 
git-svn-id: file:///svn/unbound/trunk@5043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 13:41:13 +00:00
Wouter Wijngaards
dd19026e91 - Initial commit for out-of-order processing for TCP and TLS. 
git-svn-id: file:///svn/unbound/trunk@5032 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-11 14:12:27 +00:00
Wouter Wijngaards
611e37aa2d (On the patch) 
- make depend, yacc, lex, doc, headers.  And log the limit exceeded
  message only on high verbosity, so as to not spam the logs when
  it is busy.


git-svn-id: file:///svn/unbound/trunk@4841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:48:49 +00:00
Wouter Wijngaards
586b811b87 - Patch to implement tcp-connection-limit from Jim Hague (Sinodun). 
This limits the number of simultaneous TCP client connections
  from a nominated netblock.
And a simple test for TCP connection limit.


git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 11:57:42 +00:00
Wouter Wijngaards
1f148e632f remove unused variable 
git-svn-id: file:///svn/unbound/trunk@4822 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 13:36:45 +00:00
Wouter Wijngaards
900cd200a2 more comments (from commit messages). 
git-svn-id: file:///svn/unbound/trunk@4812 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:00:57 +00:00
Wouter Wijngaards
e3f08cb2a2 - Implement progressive backoff of TCP idle/keepalive timeout. 
git-svn-id: file:///svn/unbound/trunk@4806 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:20:15 +00:00
Wouter Wijngaards
3dbdde7fed - Add edns-tcp-keepalive and edns-tcp-keepalive timeout options 
and implement option in client responses.


git-svn-id: file:///svn/unbound/trunk@4804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:18:34 +00:00
Wouter Wijngaards
007123ee2c - Sort out test runs when the build directory isn't the project 
root directory.
- Add config tcp-idle-timeout (default 30s). This applies to
  client connections only; the timeout on TCP connections upstream
  is unaffected.


git-svn-id: file:///svn/unbound/trunk@4802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:15:12 +00:00
Wouter Wijngaards
6792d2d036 - Fix windows tcp and tls spin on events. 
git-svn-id: file:///svn/unbound/trunk@4696 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 12:30:34 +00:00
Wouter Wijngaards
d32fb26adb - Fix close events for tcp only. 
git-svn-id: file:///svn/unbound/trunk@4695 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 10:41:24 +00:00
Wouter Wijngaards
d4ba7731ad - Fix that tcp sticky events are removed for closed fd on windows. 
git-svn-id: file:///svn/unbound/trunk@4694 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 10:02:06 +00:00
Wouter Wijngaards
261bf354b7 - Use accept4 to speed up incoming TCP (and TLS) connections, 
available on Linux and FreeBSD.


git-svn-id: file:///svn/unbound/trunk@4686 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-23 13:55:09 +00:00
Wouter Wijngaards
16b6619dfa - Fix windows to not have sticky TLS events for TCP. 
- Fix read of DNS over TLS length and data in one read call.


git-svn-id: file:///svn/unbound/trunk@4680 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-07 08:31:17 +00:00
Wouter Wijngaards
2be98b581a - Combine write of tcp length and tcp query for dns over tls. 
git-svn-id: file:///svn/unbound/trunk@4601 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 08:10:25 +00:00
Wouter Wijngaards
5919273709 - Fix #3582: Squelch address already in use log when reuseaddr option 
causes same port to be used twice for tcp connections.


git-svn-id: file:///svn/unbound/trunk@4559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-05 15:45:34 +00:00
Wouter Wijngaards
9f88892190 - Fix nettle compile. 
git-svn-id: file:///svn/unbound/trunk@4555 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-27 13:03:54 +00:00
Wouter Wijngaards
da06b1c76c auth zone review fixes 
git-svn-id: file:///svn/unbound/trunk@4534 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 14:09:57 +00:00
Wouter Wijngaards
54bd1fdd62 - tls-cert-bundle option in unbound.conf enables TLS authentication. 
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:09 +00:00
Wouter Wijngaards
d19f3c8c07 - auth zone url config. 
git-svn-id: file:///svn/unbound/trunk@4525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 16:11:27 +00:00
Wouter Wijngaards
427836884e auth zone http work. 
git-svn-id: file:///svn/unbound/trunk@4524 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 15:14:51 +00:00
Wouter Wijngaards
1ad34fe7ae auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4523 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 14:37:36 +00:00
Wouter Wijngaards
ad89368b4e auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4521 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 11:59:30 +00:00
Wouter Wijngaards
5b41e86d51 auth zone review. 
git-svn-id: file:///svn/unbound/trunk@4520 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 10:43:58 +00:00
Wouter Wijngaards
db766ce064 fix for doxygen and lint. 
git-svn-id: file:///svn/unbound/trunk@4518 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 10:00:10 +00:00
Wouter Wijngaards
75eb720ab5 auth zone work on http feature. 
git-svn-id: file:///svn/unbound/trunk@4517 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-07 16:10:31 +00:00
Wouter Wijngaards
6f88df1fc8 authzone work. 
git-svn-id: file:///svn/unbound/trunk@4380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 15:11:20 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
Wouter Wijngaards
ffc2f687cf - Fix to reclaim tcp handler when it is closed due to dnscrypt buffer 
allocation failure.


git-svn-id: file:///svn/unbound/trunk@4309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 13:40:44 +00:00
Wouter Wijngaards
f78e04a12c - Add an explicit type cast for TCP FASTOPEN fix. 
git-svn-id: file:///svn/unbound/trunk@4205 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 07:59:32 +00:00
Wouter Wijngaards
401e456a17 - Fix fastopen EPIPE fallthrough to perform connect. 
git-svn-id: file:///svn/unbound/trunk@4203 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-01 09:06:14 +00:00
Wouter Wijngaards
627299f5e4 - If MSG_FASTOPEN gives EPIPE fallthrough to try normal tcp write. 
git-svn-id: file:///svn/unbound/trunk@4201 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 11:09:15 +00:00