upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-30 11:29:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
6929 commits 23 branches 209 tags 124 MiB
Commit graph

4237 commits

Author SHA1 Message Date
W.C.A. Wijngaards
5f724da8c5 - Fix that TCP interface does not use TLS when TLS is also configured. 2022-02-07 09:31:10 +01:00
W.C.A. Wijngaards
c44fe07a07 - Fix #412: cache invalidation issue with CNAME+A. 2022-02-04 14:27:01 +01:00
W.C.A. Wijngaards
c29b0e0a96 - Fix for #611: Integer overflow in sldns_wire2str_pkt_scan. 2022-02-03 09:03:09 +01:00
W.C.A. Wijngaards
50a312b8da - Update contrib/aaaa-filter-iterator.patch with diff for current 
software version.
 2022-02-02 15:35:19 +01:00
W.C.A. Wijngaards
893fb4d54b - Fix docker splint test to use more portable uname. 2022-02-02 14:47:57 +01:00
W.C.A. Wijngaards
6bad577781 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-02-02 14:11:55 +01:00
W.C.A. Wijngaards
2642319ea6 - please clang analyzer for loop in test code. 2022-02-02 14:11:36 +01:00
George Thessalonikefs
d123e1c919 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-02-02 14:05:35 +01:00
George Thessalonikefs
c53171d942 - Changelog entry clarification. 2022-02-02 14:05:31 +01:00
W.C.A. Wijngaards
e656be63f9 - Fix header comment for doxygen for authextstrtoaddr. 2022-02-02 13:20:46 +01:00
W.C.A. Wijngaards
ee3c478239 - Update version number in repo to 1.15.0 for upcoming release, 
since it changes the aggressive-nsec default and the ratelimit change.
 2022-02-02 13:09:51 +01:00
George Thessalonikefs
b1feb9fb1e - Update stream_ssl.tdir test to also use the new forward-host notation. 2022-02-02 12:55:29 +01:00
George Thessalonikefs
819008cf7e - Merge PR #617: Update stub/forward-host notation to accept port and 
tls-auth-name.
 2022-02-02 11:57:36 +01:00
George Thessalonikefs
32c3bbd249 - Change aggressive-nsec default to yes. 2022-02-02 11:25:08 +01:00
George Thessalonikefs
c6b413069d Changelog entry for #616 
- Merge PR #616: Update ratelimit logic. It also introduces
  ratelimit-backoff and ip-ratelimit-backoff configuration options.
 2022-02-02 11:18:14 +01:00
George Thessalonikefs
506d24c7a6 Changelog entry for #532 
- Merge PR #532 from Shchelk: Fix: buffer overflow bug.
 2022-02-02 10:48:56 +01:00
George Thessalonikefs
a5e9221933 Changelog note for #603: 
- Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
  internals.
 2022-02-01 18:00:46 +01:00
George Thessalonikefs
10d9804149 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-01-31 11:28:30 +01:00
George Thessalonikefs
a60bbd12ed -Fix review comment for use-after-free when failing to send UDP out. 2022-01-31 11:27:35 +01:00
W.C.A. Wijngaards
84df46289d - iana portlist update. 2022-01-31 10:53:22 +01:00
George Thessalonikefs
888eb224a6 - Better cleanup on failed DoT/DoH listening socket creation. 2022-01-29 15:14:56 +01:00
George Thessalonikefs
c49e87e1b7 - Fix tls-* and ssl-* documented alternate syntax to also be available 
through remote-control and unbound-checkconf.
 2022-01-29 15:11:47 +01:00
W.C.A. Wijngaards
d10562c823 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-01-26 16:41:04 +01:00
W.C.A. Wijngaards
54ea2948da - Test for NSID in SERVFAIL response due to DNSSEC bogus. 2022-01-26 16:40:04 +01:00
George Thessalonikefs
ea47c08e70 - Fix #599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC 
document.
 2022-01-26 14:35:22 +01:00
George Thessalonikefs
79e755e1dd Changelog note for #612: 
- Merge PR #612: TCP race condition.
 2022-01-25 17:29:52 +01:00
George Thessalonikefs
5c85615515 - Fix #588: Unbound 1.13.2 crashes due to p->pc is NULL in 
serviced_udp_callback.
 2022-01-25 17:15:37 +01:00
W.C.A. Wijngaards
70f13e54bf Changelog note for #610 
- Fix #610: Undefine-shift in sldns_str2wire_hip_buf.
 2022-01-25 09:02:55 +01:00
George Thessalonikefs
8e76eb95a0 - For dnstap, do not wakeupnow right there. Instead zero the timer to 
force the wakeup callback asap.
 2022-01-19 15:32:02 +01:00
W.C.A. Wijngaards
c7ae3ef156 - For #602: Allow the module-config "subnetcache validator cachedb 
iterator".
 2022-01-14 16:30:25 +01:00
W.C.A. Wijngaards
2996040c6c - Add rpz: for-downstream: yesno option, where the RPZ zone is 
authoritatively answered for, so the RPZ zone contents can be
  checked with DNS queries directed at the RPZ zone.
 2022-01-14 16:23:43 +01:00
George Thessalonikefs
3c8a79eed8 Changelog note for #605: 
- Merge PR #605: Fix EDNS to upstream where the same option could be
  attached more than once.
 2022-01-14 15:38:15 +01:00
George Thessalonikefs
a97604737b - Fix prematurely terminated TCP queries when a reply has the same ID. 2022-01-11 10:00:45 +01:00
W.C.A. Wijngaards
d52d94c6db Changelog note for #600 
- Merge #600 from pemensik: Change file mode before changing file
  owner.
 2022-01-07 13:23:18 +01:00
W.C.A. Wijngaards
33ef79d433 - Fix for #596: Fix rpz-signal-nxdomain-ra to work for clientip 
triggered operation.
 2022-01-05 16:48:35 +01:00
W.C.A. Wijngaards
eccfe3e1f5 - Fix #598: Fix unbound-checkconf fatal error: module conf 
'respip dns64 validator iterator' is not known to work.
 2022-01-05 16:14:47 +01:00
W.C.A. Wijngaards
adcbb6ced7 - Fix for #596: add unit test for nsip trigger and signal unset RA. 2022-01-05 14:31:42 +01:00
W.C.A. Wijngaards
c678c696a1 - Fix for #596: add unit test for nsdname trigger and signal unset RA. 2022-01-05 14:13:52 +01:00
W.C.A. Wijngaards
313bceb983 - Fix unit tests for rpz now that the AA flag returns successfully from 
the iterator loop.
 2022-01-05 13:39:06 +01:00
W.C.A. Wijngaards
6b2e96430e - Fix for #596: fix that rpz return message is returned and not just 
the rcode from the iterator return path. This fixes signal unset RA
  after a CNAME.
 2022-01-05 13:35:18 +01:00
W.C.A. Wijngaards
ceef84e022 - Fix that RPZ does not set RD flag on replies, it should be copied 
from the query.
 2022-01-04 13:49:31 +01:00
W.C.A. Wijngaards
95644c9309 - Fix #596: only unset RA when NXDOMAIN is signalled. 2022-01-04 13:48:29 +01:00
W.C.A. Wijngaards
cbdc138df7 - Fix to add test for rpz-signal-nxdomain-ra. 2022-01-04 13:41:27 +01:00
W.C.A. Wijngaards
392c1f0f54 - Fix #596: unset the RA bit when a query is blocked by an unbound 
RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to
  signal that a domain is externally blocked to clients when it
  is blocked with NXDOMAIN by unsetting RA.
 2022-01-04 13:40:07 +01:00
George Thessalonikefs
4e492725e1 - contrib/aaaa-filter-iterator.patch file renewed diff content to 
apply cleanly to the current coderepo for the current code version.
 2021-12-22 15:02:44 +01:00
George Thessalonikefs
65113ac775 - Fix #591: Unbound-anchor manpage links to non-existent license file. 2021-12-20 11:35:31 +01:00
George Thessalonikefs
983c716feb - Add missing configure flags for optional features in the 
documentation.
- Fix Unbound capitalization in the documentation.
 2021-12-13 12:46:08 +01:00
W.C.A. Wijngaards
83c712ca60 - Fix to pick up other class local zone information before unlock. 2021-12-13 10:00:53 +01:00
George Thessalonikefs
2c1a5203a5 - Allow local-data for classes other than IN to inherit a configured 
local-zone's type if possible, instead of defaulting to type
  transparent as per the implicit rule.
 2021-12-10 17:35:36 +01:00
W.C.A. Wijngaards
778b50f113 - Add code similar to fix for ldns for tab between strings, for 
consistency, the test case was not broken.
 2021-12-10 09:12:58 +01:00
W.C.A. Wijngaards
d29ab10a34 Continue with version 1.14.1 2021-12-09 10:22:39 +01:00
W.C.A. Wijngaards
c6c54f9de4 - Fix validator debug output about DS support, print correct algorithm. 2021-12-06 13:12:44 +01:00
W.C.A. Wijngaards
c7afaef10c Changelog note for #581 2021-12-06 09:04:50 +01:00
W.C.A. Wijngaards
4efbee08b5 - Fix compile warning for if_nametoindex on windows 64bit. 2021-12-03 10:44:47 +01:00
W.C.A. Wijngaards
919c8c9527 - Fix doc/unbound.doxygen to remove obsolete tag warning. 2021-12-01 17:13:11 +01:00
W.C.A. Wijngaards
5d63ad6474 - configure is set to 1.14.0, and release branch. 2021-12-01 10:08:54 +01:00
George Thessalonikefs
31bac7d5ca - Fix #574: Review fixes for size allocation. 2021-12-01 04:31:58 +01:00
George Thessalonikefs
3dbda3aac3 - Fix #454: listen_dnsport.c:825: error: ‘IPV6_TCLASS’ undeclared. 2021-12-01 04:26:36 +01:00
George Thessalonikefs
7c0cb7198b Changelog note for #530: 
- Merge PR #530 from Shchelk: Fix: dereferencing a null pointer.
 2021-12-01 04:03:27 +01:00
George Thessalonikefs
2add585015 Changelog note for #522: 
- Merge PR #522 from sibeream: memory management violations fixed.
 2021-12-01 04:00:24 +01:00
George Thessalonikefs
05c198ebd6 Changelog note for #562: 
- Merge PR #562 from Willem: Reset keepalive per new tcp session.
 2021-12-01 03:58:01 +01:00
George Thessalonikefs
173a8bb2b6 Changelog note for #555: 
- Merge PR #555 from fobser: Allow interface names as scope-id in
      IPv6 link-local addresses.
 2021-12-01 03:55:53 +01:00
George Thessalonikefs
dc162f7fee Changelog note for #493: 
- Merge PR #493 from Jaap: Fix generation of libunbound.pc.
 2021-12-01 03:51:12 +01:00
George Thessalonikefs
178be45fb3 Changelog note for #511: 
- Merge PR #511 from yan12125: Reduce unnecessary linking.
 2021-12-01 03:48:51 +01:00
W.C.A. Wijngaards
88da8ce174 - iana portlist update. 2021-11-30 15:05:27 +01:00
W.C.A. Wijngaards
2cee189e53 - Fix to remove git tracking and ci information from release tarballs. 2021-11-30 13:38:39 +01:00
W.C.A. Wijngaards
8648db9583 - Fix #574: Review fix for spelling. 2021-11-29 16:11:32 +01:00
W.C.A. Wijngaards
b5dbb0282e - Fix #576: [FR] UB_* error codes in unbound.h 2021-11-29 16:10:45 +01:00
W.C.A. Wijngaards
b48d6760fc - Fix #574: Review fixes for it. 2021-11-29 15:13:14 +01:00
W.C.A. Wijngaards
dcad9d5863 - Fix #574: unbound-checkconf reports fatal error if interface names 
are used as value for interfaces:
 2021-11-29 14:59:39 +01:00
W.C.A. Wijngaards
2921ce9e61 - Fix to make python module opt_list use opt_list_in. 2021-11-29 11:57:45 +01:00
W.C.A. Wijngaards
22881e28cc - Fix for #570: regen aclocal.m4, fix configure.ac for spelling. 2021-11-29 11:41:45 +01:00
Tom Carpay
5bde54b530 Document PR #563 to changelog 2021-11-15 14:19:24 +00:00
W.C.A. Wijngaards
3fc987955e Changelog note for #565 
- Merge #565: unbound.service.in: Disable ProtectKernelTunables again.
 2021-11-05 13:22:27 +01:00
W.C.A. Wijngaards
738c7db9ab - Fix to remove unused code from rpz resolve client and action 
function.
 2021-11-05 12:13:38 +01:00
W.C.A. Wijngaards
0006c08f15 - Fix analyzer review failure in rpz action override code to not 
crash on unlocking the local zone lock.
 2021-11-05 12:02:50 +01:00
George Thessalonikefs
24eded6ef9 - Fix for #558: clear the UB_EV_TIMEOUT bit before adding an event. 2021-11-05 11:21:30 +01:00
George Thessalonikefs
431b749d7a - Fix for #558: fix loop in comm_point->tcp_free when a comm_point is reclaimed 
more than once during callbacks.
 2021-11-05 11:19:08 +01:00
W.C.A. Wijngaards
e7fbd27060 - Fix that forward-zone name is documented as the full name of the 
zone. It is not relative but a fully qualified domain name.
 2021-11-05 10:16:27 +01:00
W.C.A. Wijngaards
1a94a68fc2 - Fix #552: Unbound assumes index.html exists on RPZ host. 2021-11-02 16:45:02 +01:00
W.C.A. Wijngaards
ecb0b44ba8 - Fix to protect custom regional create against small values. 2021-10-11 17:23:30 +02:00
W.C.A. Wijngaards
09afdb7669 - Fix chaos replies to have truncation for short message lengths, 
or long reply strings.
 2021-10-11 17:00:20 +02:00
W.C.A. Wijngaards
ce39d5ad17 - Fix to add example.conf note for outbound-msg-retry. 2021-10-04 09:19:27 +02:00
W.C.A. Wijngaards
89510f4a0c - Implement RFC8375: Special-Use Domain 'home.arpa.'. 2021-09-27 15:09:01 +02:00
W.C.A. Wijngaards
962cb07055 - Fix crosscompile script for the shared build flags. 2021-09-21 14:34:56 +02:00
W.C.A. Wijngaards
9f26f397a9 - Fix crosscompile windows to use libssp when it exists. 
- For the windows compile script disable gost.
- Fix that on windows, use BIO_set_callback_ex instead of deprecated
 2021-09-21 13:51:34 +02:00
W.C.A. Wijngaards
24d0dc1725 - Fix crosscompile shell syntax. 2021-09-21 09:23:38 +02:00
W.C.A. Wijngaards
38f500f1c9 - For crosscompile on windows, detect 64bit stackprotector library. 2021-09-21 09:20:56 +02:00
W.C.A. Wijngaards
808a3cb16d - Fix crosscompile on windows to work with openssl 3.0.0 the 
link with ws2_32 needs -l:libssp.a for __strcpy_chk.
  Also copy results from lib64 directory if needed.
 2021-09-20 17:52:34 +02:00
W.C.A. Wijngaards
63a406a432 - Fix more initialisation errors reported by gcc sanitizer. 2021-09-10 15:27:05 +02:00
W.C.A. Wijngaards
a64cbe958d - Fix lock debug code for gcc sanitizer reports. 2021-09-10 15:11:30 +02:00
W.C.A. Wijngaards
7d70e3c861 - Fix initialisation errors reported by gcc sanitizer. 2021-09-10 14:30:57 +02:00
W.C.A. Wijngaards
f976fdee28 - Fix root_anchor test to check with new icannbundle date. 2021-09-08 17:26:30 +02:00
W.C.A. Wijngaards
829f3c932e - Fix for #41: change outbound retry to int to fix signed comparison 
warnings.
 2021-09-08 15:07:11 +02:00
W.C.A. Wijngaards
750f46d1aa - Small fixes for #41: changelog, conflicts resolved, 
processQueryResponse takes an iterator env argument like other
  functions in the iterator, no colon in string for set_option,
  and some whitespace style, to make it similar to the rest.
 2021-09-08 14:52:56 +02:00
W.C.A. Wijngaards
204edd229e Merge branch 'feature/configure-outbound_msg_retry' of git://github.com/countsudoku/unbound into countsudoku-feature/configure-outbound_msg_retry 2021-09-08 14:38:36 +02:00
W.C.A. Wijngaards
48995dba21 Changelog entry for #538 
- Fix #538: Fix subnetcache statistics.
 2021-09-03 16:41:21 +02:00
W.C.A. Wijngaards
520fa84265 - Fix tcp fastopen failure when disabled, try normal connect instead. 2021-09-01 16:21:10 +02:00
W.C.A. Wijngaards
4b2799fdd6 - Fix #533: Negative responses get cached even when setting 
cache-max-negative-ttl: 1
 2021-08-27 10:33:21 +02:00
W.C.A. Wijngaards
087a7ff95e - Fix asynclook unit test for setup of lockchecks before log. 2021-08-25 16:19:12 +02:00