upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-01 20:39:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
4424 commits 23 branches 209 tags 124 MiB
Commit graph

3013 commits

Author SHA1 Message Date
Wouter Wijngaards
61605c1dfa - Patch to show DNSCrypt status in help output, from Carsten 
Strotmann.


git-svn-id: file:///svn/unbound/trunk@4298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-10 07:13:44 +00:00
Wouter Wijngaards
c8cdd542dd - Remove spaces from Makefile. 
git-svn-id: file:///svn/unbound/trunk@4297 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-08 09:43:51 +00:00
Wouter Wijngaards
ae67923bab - Fix #1398: make cachedb secret configurable. 
git-svn-id: file:///svn/unbound/trunk@4295 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-08 09:04:51 +00:00
Wouter Wijngaards
1159e53618 - Fix #1397: Recursive DS lookups for AS112 zones names should recurse. 
git-svn-id: file:///svn/unbound/trunk@4294 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-07 07:42:45 +00:00
Ralph Dolmans
3de694be05 Do not add rrset_bogus and query ratelimiting stats per thread. 
git-svn-id: file:///svn/unbound/trunk@4293 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 15:32:24 +00:00
Ralph Dolmans
7b18274d7e - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: file:///svn/unbound/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
Ralph Dolmans
9f49585a63 - Do not reset rrset.bogus stats when called using stats_noreset. 
git-svn-id: file:///svn/unbound/trunk@4291 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 10:50:46 +00:00
Ralph Dolmans
de731edc0d - Remove unused iter_env member (ip6arpa_dname) 
git-svn-id: file:///svn/unbound/trunk@4290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 09:29:21 +00:00
Wouter Wijngaards
4f9236ae55 - Fix #1394: mix of serve-expired and response-ip could cause a crash. 
git-svn-id: file:///svn/unbound/trunk@4289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 07:13:12 +00:00
Wouter Wijngaards
ff6a1cee12 - iana update 
git-svn-id: file:///svn/unbound/trunk@4288 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 11:58:18 +00:00
Wouter Wijngaards
e396684a54 - Fix #1365: Add Ed25519 support using libnettle. 
git-svn-id: file:///svn/unbound/trunk@4286 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 10:44:30 +00:00
Wouter Wijngaards
8abb85e4b2 - Fix DSA configure switch (--disable dsa) for libnettle and libnss. 
git-svn-id: file:///svn/unbound/trunk@4285 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 10:09:05 +00:00
Wouter Wijngaards
b7d9b59aa9 - Fix compile with libnettle 
git-svn-id: file:///svn/unbound/trunk@4281 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:52:20 +00:00
Wouter Wijngaards
62e88b46cc - remove warning from windows compile. 
git-svn-id: file:///svn/unbound/trunk@4280 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:30:12 +00:00
Wouter Wijngaards
7f6827aaae - squelch TCP fast open error on FreeBSD when kernel has it disabled, 
unless verbosity is high.


git-svn-id: file:///svn/unbound/trunk@4279 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:14:42 +00:00
Wouter Wijngaards
abb6cfdebd - upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02), 
config.sub(2016-09-05).
- annotate case statement fallthrough for gcc 7.1.1.
- flex output from flex 2.6.1.
- snprintf of thread number does not warn about truncated string.


git-svn-id: file:///svn/unbound/trunk@4278 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:04:18 +00:00
Wouter Wijngaards
1d3e6758b2 - Fix #1349: allow suppression of pidfiles (from Daniel Kahn Gillmor). 
With the -p option unbound does not create a pidfile.


git-svn-id: file:///svn/unbound/trunk@4276 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:26:49 +00:00
Wouter Wijngaards
c52c07c086 - Fix #1350: make cachedb backend configurable (from JINMEI Tatuya). 
git-svn-id: file:///svn/unbound/trunk@4275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:21:19 +00:00
Wouter Wijngaards
160b70f417 - Redirect all localhost names to localhost address for RFC6761. 
git-svn-id: file:///svn/unbound/trunk@4273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-11 14:29:54 +00:00
Wouter Wijngaards
c8189d1018 - Fix #1344: RFC6761-reserved domains: test. and invalid. 
git-svn-id: file:///svn/unbound/trunk@4272 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-11 13:27:33 +00:00
Wouter Wijngaards
bedac6bc28 test report again 
git-svn-id: file:///svn/unbound/trunk@4270 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 14:21:52 +00:00
Wouter Wijngaards
40a4688400 Test -f report. 
git-svn-id: file:///svn/unbound/trunk@4269 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 14:16:47 +00:00
Wouter Wijngaards
ecfe84702b run tests. 
git-svn-id: file:///svn/unbound/trunk@4267 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:41:13 +00:00
Wouter Wijngaards
0f4fdb6669 - Fix svn hooks for tdir (selected if testcode/mini_tdir.sh exists). 
git-svn-id: file:///svn/unbound/trunk@4266 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:39:28 +00:00
Wouter Wijngaards
ead37db595 - Fix tests to use .tdir (from Manu Bretelle) instead of .tpkg. 
git-svn-id: file:///svn/unbound/trunk@4263 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:27:05 +00:00
Wouter Wijngaards
522bff52fe - Fix 1332: Bump verbosity of failed chown'ing of the control socket. 
git-svn-id: file:///svn/unbound/trunk@4262 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-05 06:59:45 +00:00
Wouter Wijngaards
67f54eea66 - Fix openssl 1.1.0 load of ssl error strings from ssl init. 
git-svn-id: file:///svn/unbound/trunk@4260 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 13:37:37 +00:00
Wouter Wijngaards
1a0bb5ad5a - Fix pythonmod link line option flag. 
git-svn-id: file:///svn/unbound/trunk@4259 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 12:48:53 +00:00
Wouter Wijngaards
7e8e85459c - Fix #1331: libunbound segfault in threaded mode when context is 
deleted.


git-svn-id: file:///svn/unbound/trunk@4258 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 11:41:32 +00:00
Wouter Wijngaards
5fba7e4339 - Fix for unbound-checkconf, check ipsecmod-hook if ipsecmod is turned 
on.


git-svn-id: file:///svn/unbound/trunk@4257 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 07:14:37 +00:00
Wouter Wijngaards
08a3461810 - enhancement for hardened-tls for DNS over TLS. Removed duplicated 
security settings.


git-svn-id: file:///svn/unbound/trunk@4255 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 11:45:43 +00:00
Wouter Wijngaards
60d4c9bd54 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4254 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 07:36:02 +00:00
Wouter Wijngaards
7a9d8f49f4 - Fix python example0 return module wait instead of error for pass. 
git-svn-id: file:///svn/unbound/trunk@4253 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 07:28:11 +00:00
Wouter Wijngaards
50b7b2113e - Fix that infra cache host hash does not change after reconfig. 
git-svn-id: file:///svn/unbound/trunk@4252 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 15:23:17 +00:00
Wouter Wijngaards
0b8117df2f - Remove signed unsigned warning from authzone. 
git-svn-id: file:///svn/unbound/trunk@4251 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 10:54:15 +00:00
Wouter Wijngaards
0393f598d5 - Trunk contains 1.6.5, with changes from 26, 27 june. 
git-svn-id: file:///svn/unbound/trunk@4250 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 10:53:52 +00:00
Wouter Wijngaards
5573d7508b - unbound-control dump_infra prints port number for address if not 53. 
git-svn-id: file:///svn/unbound/trunk@4248 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 12:31:49 +00:00
Wouter Wijngaards
542162b4e0 - First fix for zero b64 and hex text zone format in sldns. 
git-svn-id: file:///svn/unbound/trunk@4247 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 11:36:54 +00:00
Wouter Wijngaards
e7260518ea - Better fixup of dnscrypt_cert_chacha test for different escapes. 
git-svn-id: file:///svn/unbound/trunk@4246 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 09:06:42 +00:00
Wouter Wijngaards
a2f8946764 - (for 1.6.5): fixup of dnscrypt_cert_chacha test (from Manu Bretelle). 
git-svn-id: file:///svn/unbound/trunk@4244 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-23 06:56:59 +00:00
Wouter Wijngaards
171a7a107e - Tag 1.6.4rc2 
git-svn-id: file:///svn/unbound/trunk@4242 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-22 12:08:18 +00:00
Ralph Dolmans
6195229d76 - Added fastrpz patch to contrib 
git-svn-id: file:///svn/unbound/trunk@4241 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-22 12:03:32 +00:00
Wouter Wijngaards
062515d9bc - Fix #1316: heap read buffer overflow in parse_edns_options. 
git-svn-id: file:///svn/unbound/trunk@4240 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-21 11:50:39 +00:00
Wouter Wijngaards
311264b960 - Fix lintian typo. 
git-svn-id: file:///svn/unbound/trunk@4239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 13:34:01 +00:00
Wouter Wijngaards
bdd2cd248d - Tag 1.6.4rc1 
git-svn-id: file:///svn/unbound/trunk@4237 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 07:38:52 +00:00
Wouter Wijngaards
1f6a7da0b0 - Fix warning in pythonmod under clang compiler. 
git-svn-id: file:///svn/unbound/trunk@4236 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 07:05:30 +00:00
Ralph Dolmans
71d2d60b85 - Fix #1277: disable domain ratelimit by setting value to 0. 
git-svn-id: file:///svn/unbound/trunk@4235 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 13:22:43 +00:00
Wouter Wijngaards
4e66465e22 - Fix to unlock view in view test. 
git-svn-id: file:///svn/unbound/trunk@4234 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 11:16:31 +00:00
Wouter Wijngaards
2288777334 - Fix dnscrypt chacha cert support ifdefs. 
- Fix dnscrypt chacha cert unit test escapes in grep.
- Remove asynclook tests that cause test and purifier problems.


git-svn-id: file:///svn/unbound/trunk@4233 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 08:20:44 +00:00
Wouter Wijngaards
dff6c5ff7a - Fix memory leak in dnscrypt config read. 
git-svn-id: file:///svn/unbound/trunk@4231 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:55:52 +00:00
Wouter Wijngaards
df78cb7ccb - Fix memory leak in sldns_buffer_new_frm_data. 
git-svn-id: file:///svn/unbound/trunk@4230 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:42:52 +00:00
Wouter Wijngaards
acada5a8f6 - Free callback in edns-subnetmod on exit and restart. 
git-svn-id: file:///svn/unbound/trunk@4229 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:31:30 +00:00
Wouter Wijngaards
20f8dafcd4 - Fix #1301: memory leak in respip and tests. 
git-svn-id: file:///svn/unbound/trunk@4228 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:27:49 +00:00
Wouter Wijngaards
7bb1d8a8d1 - Fix query for refetch_glue of stub leaking to internet. 
git-svn-id: file:///svn/unbound/trunk@4227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 15:00:07 +00:00
Wouter Wijngaards
39b5f5bbc6 - Fix stub zone queries leaking to the internet for 
harden-referral-path ns checks.


git-svn-id: file:///svn/unbound/trunk@4226 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 07:59:05 +00:00
Wouter Wijngaards
7ebe1fe115 - More fixes in depth for buffer checks in 0x20 qname checks. 
git-svn-id: file:///svn/unbound/trunk@4225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:34:44 +00:00
Wouter Wijngaards
843bd4156e - Fix #1280: Unbound fails assert when response from authoritative 
contains malformed qname.  When 0x20 caps-for-id is enabled, when
  assertions are not enabled the malformed qname is handled correctly.
- 1.6.3 tag created, with only #1280 fix, trunk is 1.6.4 development.


git-svn-id: file:///svn/unbound/trunk@4224 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:25:47 +00:00
Wouter Wijngaards
ca8d0a0e92 - Fix #1279: Memory leak on reload when python module is enabled. 
git-svn-id: file:///svn/unbound/trunk@4220 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 07:10:58 +00:00
Wouter Wijngaards
c4869780d1 - Fix #1278: Incomplete wildcard proof. 
git-svn-id: file:///svn/unbound/trunk@4218 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-12 10:11:28 +00:00
Ralph Dolmans
998793998d - Added domain name based ECS whitelist. 
git-svn-id: file:///svn/unbound/trunk@4217 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 14:44:55 +00:00
Wouter Wijngaards
e2459be7e1 - dnscrypt unit tests with chacha. 
git-svn-id: file:///svn/unbound/trunk@4216 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 08:27:49 +00:00
Wouter Wijngaards
33de42e729 - Detect chacha for dnscrypt at configure time. 
git-svn-id: file:///svn/unbound/trunk@4215 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 08:17:38 +00:00
Wouter Wijngaards
54eabdde58 - Add dnscrypt XChaCha20 tests. 
git-svn-id: file:///svn/unbound/trunk@4213 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-07 11:39:02 +00:00
Wouter Wijngaards
7e9d37acae - Fix that unbound-control can set val_clean_additional and val_permissive_mode. 
git-svn-id: file:///svn/unbound/trunk@4210 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-07 07:00:02 +00:00
Wouter Wijngaards
b9196d48d2 - Fix #1276: [dnscrypt] add XChaCha20-Poly1305 cipher. 
git-svn-id: file:///svn/unbound/trunk@4208 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 12:52:26 +00:00
Wouter Wijngaards
75cb40edd1 - Fix #1275: cached data in cachedb is never used. 
git-svn-id: file:///svn/unbound/trunk@4207 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 12:08:14 +00:00
Wouter Wijngaards
124f8d57ab - renumbering B-Root's IPv6 address to 2001:500:200::b. 
git-svn-id: file:///svn/unbound/trunk@4206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 09:33:09 +00:00
Wouter Wijngaards
f78e04a12c - Add an explicit type cast for TCP FASTOPEN fix. 
git-svn-id: file:///svn/unbound/trunk@4205 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 07:59:32 +00:00
Ralph Dolmans
b93fd4e0c9 - Fix #1274: automatically trim chroot path from dnscrypt key/cert paths (from 
Manu Bretelle).


git-svn-id: file:///svn/unbound/trunk@4204 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-01 09:51:05 +00:00
Wouter Wijngaards
401e456a17 - Fix fastopen EPIPE fallthrough to perform connect. 
git-svn-id: file:///svn/unbound/trunk@4203 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-01 09:06:14 +00:00
Ralph Dolmans
69828ed94b - Also use global local-zones when there is a matching view that does not have 
any local-zone specified. 


git-svn-id: file:///svn/unbound/trunk@4202 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 11:45:39 +00:00
Wouter Wijngaards
627299f5e4 - If MSG_FASTOPEN gives EPIPE fallthrough to try normal tcp write. 
git-svn-id: file:///svn/unbound/trunk@4201 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 11:09:15 +00:00
Wouter Wijngaards
e4c60435d2 - Fix #1273: cachedb.c doesn't compile with -Wextra. 
git-svn-id: file:///svn/unbound/trunk@4200 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 05:42:23 +00:00
Ralph Dolmans
486edb10db - Fix #1269: inconsistent use of built-in local zones with views. 
- Add defaults for new local-zone trees added to views using unbound-control.


git-svn-id: file:///svn/unbound/trunk@4199 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 13:04:19 +00:00
Wouter Wijngaards
8c4e7ffb14 - Support for openssl EVP_DigestVerify. 
- Support for the ED25519 algorithm with openssl (from openssl 1.1.1).


git-svn-id: file:///svn/unbound/trunk@4198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 12:28:25 +00:00
Wouter Wijngaards
8b2397542e - Fix assertion for low buffer size and big edns payload when worker 
overrides udpsize.


git-svn-id: file:///svn/unbound/trunk@4195 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-29 07:32:45 +00:00
Ralph Dolmans
6132c9f8d5 - Added redirect-bogus.patch to contrib directory. 
git-svn-id: file:///svn/unbound/trunk@4194 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 12:09:38 +00:00
Wouter Wijngaards
ca57014bf2 - printout localzone for duplicate local-zone warnings. 
git-svn-id: file:///svn/unbound/trunk@4193 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 11:09:16 +00:00
Wouter Wijngaards
3304a4f622 - exec_prefix is by default equal to prefix. 
git-svn-id: file:///svn/unbound/trunk@4192 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 10:47:18 +00:00
Wouter Wijngaards
6538b82928 - Fix #1270: unitauth.c doesn't compile with higher warning level 
and optimization


git-svn-id: file:///svn/unbound/trunk@4191 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-26 06:50:48 +00:00
Wouter Wijngaards
aa9365446b - authzone cname chain, no rrset duplicates, wildcard doesn't change 
rrsets added for cname chain.


git-svn-id: file:///svn/unbound/trunk@4189 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-24 12:26:44 +00:00
Wouter Wijngaards
65dde0c965 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4183 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-23 10:33:15 +00:00
Wouter Wijngaards
71fba3d221 - first services/authzone check in, it compiles and reads and writes 
zonefiles.


git-svn-id: file:///svn/unbound/trunk@4178 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-23 09:32:40 +00:00
Wouter Wijngaards
1a44a8402e - Fix #1268: SIGSEGV after log_reopen. 
git-svn-id: file:///svn/unbound/trunk@4177 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-22 07:20:59 +00:00
Wouter Wijngaards
1329ff5f36 and compatibility with BoringSSL. 
git-svn-id: file:///svn/unbound/trunk@4175 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-18 07:20:26 +00:00
Wouter Wijngaards
658c759b3d - Fix #1267: Libunbound validator/val_secalgo.c uses obsolete APIs. 
git-svn-id: file:///svn/unbound/trunk@4174 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-18 07:15:16 +00:00
Wouter Wijngaards
6e0ba733f3 - Fix #1265 to use /bin/kill. 
git-svn-id: file:///svn/unbound/trunk@4173 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-18 07:08:55 +00:00
Wouter Wijngaards
0d271cbb09 - Fix #1265: contrib/unbound.service contains hardcoded path. 
git-svn-id: file:///svn/unbound/trunk@4171 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-17 14:50:10 +00:00
George Thessalonikefs
95544096bf - Use qstate's region for IPSECKEY rrset (ipsecmod). 
git-svn-id: file:///svn/unbound/trunk@4169 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-17 13:22:06 +00:00
Wouter Wijngaards
f78acf53fb - Fix type AVC sldns RR definition. 
git-svn-id: file:///svn/unbound/trunk@4162 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 15:00:36 +00:00
Wouter Wijngaards
92d625b648 - better module memory lookup, fix of unbound-control shm names for 
module memory printout of statistics.


git-svn-id: file:///svn/unbound/trunk@4161 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 14:16:59 +00:00
Wouter Wijngaards
7641f23f87 - updated configure, dependencies and flex output. 
git-svn-id: file:///svn/unbound/trunk@4159 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 13:21:10 +00:00
George Thessalonikefs
491b0a26e4 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
Wouter Wijngaards
5febdd39a1 - document trust-anchor-signaling in example config file. 
git-svn-id: file:///svn/unbound/trunk@4157 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 07:50:42 +00:00
Wouter Wijngaards
d0d6e34746 - updated dependencies in the makefile. 
git-svn-id: file:///svn/unbound/trunk@4155 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 07:28:50 +00:00
Wouter Wijngaards
1db056b19c - Fix queries for nameservers under a stub leaking to the internet. 
git-svn-id: file:///svn/unbound/trunk@4154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 15:10:10 +00:00
Wouter Wijngaards
893159454f - Adjust servfail by iterator to not store in cache when serve-expired 
is enabled, to avoid overwriting useful information there.


git-svn-id: file:///svn/unbound/trunk@4153 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 12:16:41 +00:00
Ralph Dolmans
ce54c45394 - Add 'c' to getopt() in testbound. 
- iana portlist update.


git-svn-id: file:///svn/unbound/trunk@4152 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-09 15:02:39 +00:00
Wouter Wijngaards
4e502fd624 - Set SO_REUSEADDR on outgoing tcp connections to fix the bind before 
connect limited tcp connections.  With the option tcp connections
  can share the same source port (for different destinations).


git-svn-id: file:///svn/unbound/trunk@4151 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-08 10:41:03 +00:00
Wouter Wijngaards
ad2e157763 - Fix tcp-mss failure printout text. 
git-svn-id: file:///svn/unbound/trunk@4150 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-08 07:15:48 +00:00
Wouter Wijngaards
1d181f0ade - sldns SMIMEA and AVC definitions, same as getdns definitions. 
git-svn-id: file:///svn/unbound/trunk@4148 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 14:48:52 +00:00
Wouter Wijngaards
cb26ca2ce7 - Fix sldns parse and printout of TSIG RRs. 
The printout text format is the same as dig uses.


git-svn-id: file:///svn/unbound/trunk@4145 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 13:53:06 +00:00
Ralph Dolmans
657948dd0c - Added mesh_add_sub to add detached mesh entries. 
- Use mesh_add_sub for key tag signaling queries.


git-svn-id: file:///svn/unbound/trunk@4144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 13:17:56 +00:00
Wouter Wijngaards
7e8d548d24 - Fix sldns int16_data parse. 
git-svn-id: file:///svn/unbound/trunk@4143 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 12:15:06 +00:00
Wouter Wijngaards
4770bfbb5b - Fix sldns wire2str printout of RR type CAA tags. 
git-svn-id: file:///svn/unbound/trunk@4142 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 12:05:10 +00:00
Wouter Wijngaards
3018dc636a - Added test for leak of stub information. 
git-svn-id: file:///svn/unbound/trunk@4141 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 09:16:54 +00:00
Wouter Wijngaards
f610f40558 Fix #1258: 64bit getting installed in C:\Program Files (x86). 
git-svn-id: file:///svn/unbound/trunk@4140 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 14:57:36 +00:00
Wouter Wijngaards
eb67febcc4 - Fix #1258: Windows 10 X64 unbound 1.6.2 service will not start. 
git-svn-id: file:///svn/unbound/trunk@4139 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 14:41:40 +00:00
Wouter Wijngaards
3676f20923 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4138 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 13:29:48 +00:00
Wouter Wijngaards
7940e854e6 - Fix #1259: "--disable-ecdsa" argument overwritten 
by "#ifdef SHA256_DIGEST_LENGTH@daemon/remote.c".


git-svn-id: file:///svn/unbound/trunk@4137 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 07:34:48 +00:00
Ralph Dolmans
a511d5d95e - Implemented trust anchor signaling using key tag query. 
git-svn-id: file:///svn/unbound/trunk@4134 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-26 12:58:13 +00:00
Wouter Wijngaards
619b808b31 - Based on #1257: check parse limit before t increment in sldns RR 
string parse routine.


git-svn-id: file:///svn/unbound/trunk@4133 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-26 09:03:15 +00:00
Wouter Wijngaards
56bde1ceca - trunk contains 1.6.3 version number (changes from 1.6.2 back from 
when the 1.6.2rc1 tag has been created).


git-svn-id: file:///svn/unbound/trunk@4132 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-24 12:30:55 +00:00
Wouter Wijngaards
7925a98141 variables get_option and set_option also for dnscrypt. 
git-svn-id: file:///svn/unbound/trunk@4130 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-24 09:00:45 +00:00
Wouter Wijngaards
461c8c97db - unbound-checkconf -o allows query of dnstap config variables. 
Also unbound-control get_option.


git-svn-id: file:///svn/unbound/trunk@4129 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-24 08:30:32 +00:00
Ralph Dolmans
593949c88e - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4128 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-21 10:26:01 +00:00
Ralph Dolmans
73873da0c0 - Fix #1254: clarify ratelimit-{for,below}-domain (from Manu Bretelle). 
git-svn-id: file:///svn/unbound/trunk@4127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-21 10:20:35 +00:00
Ralph Dolmans
dae84a96fb - Fix #1253: unused variable in edns-subnet/addrtree.c:getbit(). 
git-svn-id: file:///svn/unbound/trunk@4126 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-18 13:25:09 +00:00
Ralph Dolmans
89c2383c71 - Fix #1252: more indentation inconsistencies. 
git-svn-id: file:///svn/unbound/trunk@4125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-18 09:00:52 +00:00
Wouter Wijngaards
17dd3370fc - (for 1.6.3:) unbound.h exports the shm stats structures. They use 
type long long and no ifdefs, and ub_ before the typenames.


git-svn-id: file:///svn/unbound/trunk@4117 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 12:47:29 +00:00
Ralph Dolmans
710778dfdd - Added ECS unit test (from Manu Bretelle). 
- ECS documentation fix (from Manu Bretelle). 


git-svn-id: file:///svn/unbound/trunk@4116 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 08:49:32 +00:00
Wouter Wijngaards
ef589f8981 - tag for 1.6.2rc1 
git-svn-id: file:///svn/unbound/trunk@4114 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 07:37:07 +00:00
Wouter Wijngaards
16428ccbd2 - Fix #1250: inconsistent indentation in services/listen_dnsport.c. 
git-svn-id: file:///svn/unbound/trunk@4113 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 07:17:05 +00:00
Wouter Wijngaards
c9e5433a70 - subnet mem value is available in shm, also when not enabled, 
to make the struct easier to memmap by other applications,
  independent of the configuration of unbound.


git-svn-id: file:///svn/unbound/trunk@4112 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 15:01:11 +00:00
Ralph Dolmans
4b39a9eaf8 - Set SHM ECS memory usage to 0 when module not loaded. 
git-svn-id: file:///svn/unbound/trunk@4111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 13:51:34 +00:00
Ralph Dolmans
1c02193ddb - Fix #1249: unbound doesn't return FORMERR to bogus ECS. 
git-svn-id: file:///svn/unbound/trunk@4110 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 13:12:21 +00:00
Ralph Dolmans
2be864c218 - Properly check for allocation failure in local_data_find_tag_datas. 
git-svn-id: file:///svn/unbound/trunk@4109 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 12:44:53 +00:00
Ralph Dolmans
22339c9ba9 - Fix #1247: unbound does not shorten source prefix length when forwarding ECS. 
git-svn-id: file:///svn/unbound/trunk@4108 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 11:47:18 +00:00
Ralph Dolmans
8fedcffc02 - Display ECS module memory usage. 
git-svn-id: file:///svn/unbound/trunk@4106 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-11 13:10:30 +00:00
Wouter Wijngaards
5a0ae9a055 better description. 
- harden-algo-downgrade: no also makes unbound more lenient about
	  digest algorithms in DS records.


git-svn-id: file:///svn/unbound/trunk@4105 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 13:56:31 +00:00
Wouter Wijngaards
4d7d32c846 - harden algo downgrade also makes unbound more lenient about digest 
algorithms in DS records.


git-svn-id: file:///svn/unbound/trunk@4104 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 13:38:50 +00:00
Ralph Dolmans
e3058de235 - Use correct identifier for SHM destroy. 
git-svn-id: file:///svn/unbound/trunk@4103 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 12:58:26 +00:00
Ralph Dolmans
d7304e7c75 - Zero initialize addrtree allocation. 
git-svn-id: file:///svn/unbound/trunk@4102 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 10:46:54 +00:00
Ralph Dolmans
bde9269510 Respip dereference after NULL check. 
git-svn-id: file:///svn/unbound/trunk@4101 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 10:18:22 +00:00
Ralph Dolmans
a5c7c469ee - Remove ECS option after REFUSED answer 
- Fix small memory leak in edns_opt_copy_alloc



git-svn-id: file:///svn/unbound/trunk@4100 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 09:12:04 +00:00
George Thessalonikefs
4e0787dcf3 - Fix pythonmod for cb changes. 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4099 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-07 17:07:16 +00:00
Ralph Dolmans
7e59ef65e6 Unlock view in respip unit test 
git-svn-id: file:///svn/unbound/trunk@4098 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-07 08:57:05 +00:00
Wouter Wijngaards
06e794898f - Fix pythonmod for cb changes. 
git-svn-id: file:///svn/unbound/trunk@4097 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 14:17:37 +00:00
Ralph Dolmans
ae31233b19 - remove malloc from inplace_cb_register 
git-svn-id: file:///svn/unbound/trunk@4095 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:41:49 +00:00
Ralph Dolmans
a2bc93547f - Generalise inplace callback (de)registration 
- (de)register inplace callbacks for module id
- No unbound-control set_option for ECS options
- Deprecated client-subnet-opcode config option
- Introduced client-subnet-always-forward config option
- Changed max-client-subnet-ipv6 default to 56 (as in RFC)
- Removed extern ECS config options
- module_restart_next now calls clear on all following modules
- Also create ECS module qstate on module_event_pass event


git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:13:06 +00:00
Wouter Wijngaards
bdac428d79 - Fix respip for braces when locks arent used. 
git-svn-id: file:///svn/unbound/trunk@4091 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 11:57:27 +00:00
Wouter Wijngaards
f7595c3348 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4090 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 07:04:34 +00:00
Wouter Wijngaards
a5abaed4ce - Small fixup for documentation. 
git-svn-id: file:///svn/unbound/trunk@4089 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 06:55:55 +00:00
Wouter Wijngaards
7338c1b892 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4088 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-04 13:46:45 +00:00
Wouter Wijngaards
4321a363a4 - Fix #1244: document that use of chroot requires trust anchor file to 
be under chroot.


git-svn-id: file:///svn/unbound/trunk@4087 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-04 13:39:33 +00:00
Ralph Dolmans
d30ae35c62 - Do not add current time twice to TTL before ECS cache store. 
- Do not touch rrset cache after ECS cache message generation.
- Use LDNS_EDNS_CLIENT_SUBNET as default ECS opcode.


git-svn-id: file:///svn/unbound/trunk@4086 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:36:18 +00:00
Wouter Wijngaards
292a337dad - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4085 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:07:17 +00:00
Wouter Wijngaards
897635b32b - Fix #1217: Add metrics to unbound-control interface showing 
crypted, cert request, plaintext and malformed queries (from
  Manu Bretelle).


git-svn-id: file:///svn/unbound/trunk@4084 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:03:32 +00:00
Wouter Wijngaards
3f7af974a3 - Remove (now unused) event2 include from dnscrypt code. 
git-svn-id: file:///svn/unbound/trunk@4082 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-27 06:27:22 +00:00
George Thessalonikefs
d8272d4010 - Update Changelog. 
git-svn-id: file:///svn/unbound/trunk@4081 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-24 11:02:26 +00:00
Wouter Wijngaards
b7a9969e73 - Fix #1239: configure fails to find python distutils if python 
prints warning.


git-svn-id: file:///svn/unbound/trunk@4079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-23 10:23:38 +00:00
Wouter Wijngaards
4fb762f6e4 - Fix #1229: Systemd service sandboxing, options in wrong sections. 
git-svn-id: file:///svn/unbound/trunk@4078 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-22 07:22:34 +00:00
Wouter Wijngaards
78fecfe558 - Fix #1238: segmentation fault when adding through the remote 
interface a per-view local zone to a view with no previous
  (configured) local zones.


git-svn-id: file:///svn/unbound/trunk@4077 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-22 07:19:38 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
80029d63f0 - Fix doxygen for dnscrypt files. 
git-svn-id: file:///svn/unbound/trunk@4073 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 08:50:17 +00:00
Wouter Wijngaards
f0bf15d2cb - fixup for lruhash (whitespace and header file comment). 
- dnscrypt tests.


git-svn-id: file:///svn/unbound/trunk@4072 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:51:34 +00:00
Wouter Wijngaards
d1cbf19798 - lru_demote and lruhash_insert_or_retrieve functions for getdns. 
git-svn-id: file:///svn/unbound/trunk@4068 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:25:06 +00:00
Wouter Wijngaards
86f0baf146 - make depend, autoconf, remove warnings about statement before var. 
git-svn-id: file:///svn/unbound/trunk@4066 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:09:06 +00:00
Wouter Wijngaards
7c9584e408 - #1217. DNSCrypt support, with --enable-dnscrypt, libsodium and then 
enabled in the config file from Manu Bretelle.


git-svn-id: file:///svn/unbound/trunk@4065 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 14:55:31 +00:00
Wouter Wijngaards
f952ac1dee - Fix #1237 - Wrong resolving in chain, for norec queries that get 
SERVFAIL returned.


git-svn-id: file:///svn/unbound/trunk@4064 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-17 14:32:25 +00:00
Wouter Wijngaards
52dd15dd87 - Patch for view functionality for local-data-ptr from Björn Ketelaars. 
git-svn-id: file:///svn/unbound/trunk@4063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-17 08:01:40 +00:00
Wouter Wijngaards
f374268521 - trustanchor tags are sorted. reusable routine to fetch taglist. 
git-svn-id: file:///svn/unbound/trunk@4056 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 15:04:18 +00:00
Wouter Wijngaards
ca48de34e9 - Fix that looped DNAMEs do not cause unbound to spend effort. 
git-svn-id: file:///svn/unbound/trunk@4055 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 14:32:58 +00:00
Wouter Wijngaards
6c456aa15e - Add trustanchor.unbound CH TXT that gets a response with a number 
of TXT RRs with a string like "example.com. 2345 1234" with
  the trust anchors and their keytags.


git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:17:58 +00:00
Wouter Wijngaards
45517ad616 - Fix #1235: Fix too long DNAME expansion produces SERVFAIL instead 
of YXDOMAIN + query loop, reported by Petr Spacek.


git-svn-id: file:///svn/unbound/trunk@4049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:27:01 +00:00
Wouter Wijngaards
6d57b0ddb7 - testbound understands Deckard MATCH rcode question answer commands. 
git-svn-id: file:///svn/unbound/trunk@4048 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:15:07 +00:00
Wouter Wijngaards
038550c889 - Fix #1234: shortening DNAME loop produces duplicate DNAME records 
in ANSWER section.


git-svn-id: file:///svn/unbound/trunk@4047 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-10 13:04:24 +00:00
Wouter Wijngaards
2b9d47ff01 - unbound-control list local zone and data commands listed in the 
help output.


git-svn-id: file:///svn/unbound/trunk@4046 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 16:25:32 +00:00
Wouter Wijngaards
05215e8e7d - --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and 
DS records.  NSEC3 is not disabled.
- fake-sha1 test option; print warning if used.  To make unit tests.


git-svn-id: file:///svn/unbound/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 13:18:08 +00:00
Wouter Wijngaards
4a429c11d5 - fix enum conversion warnings 
git-svn-id: file:///svn/unbound/trunk@4038 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-08 08:21:51 +00:00
Wouter Wijngaards
cbf8c632dc - swig version 2.0.1 required. 
git-svn-id: file:///svn/unbound/trunk@4037 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-08 07:57:06 +00:00
Wouter Wijngaards
578fc220ad - make depend for build dependencies. 
git-svn-id: file:///svn/unbound/trunk@4036 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-08 07:54:41 +00:00
Wouter Wijngaards
cae9809e11 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
Wouter Wijngaards
570564a375 - Fix #1230: swig version 2.0.0 is required for pythonmod, with 
1.3.40 it crashes when running repeatly unbound-control reload.


git-svn-id: file:///svn/unbound/trunk@4034 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 10:40:45 +00:00
Wouter Wijngaards
5058406b84 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4033 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-06 15:33:30 +00:00
Wouter Wijngaards
7e6e9a0155 - Fix #1229: Systemd service sandboxing in contrib/unbound.service. 
git-svn-id: file:///svn/unbound/trunk@4032 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-06 15:27:36 +00:00
Ralph Dolmans
6137f1b0b2 - Fix testpkts.c, check if DO bit is set, not only if there is an OPT record. 
git-svn-id: file:///svn/unbound/trunk@4031 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-28 13:11:05 +00:00
Wouter Wijngaards
689fdc1d0b - For #1227: if we have sha256, set the cipher list to have no 
known vulns.


git-svn-id: file:///svn/unbound/trunk@4030 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-28 08:23:25 +00:00
Wouter Wijngaards
7455717359 - Fix #1226: provide official 32bit binary for windows. 
git-svn-id: file:///svn/unbound/trunk@4028 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-27 15:05:52 +00:00
Wouter Wijngaards
3289d8482c - Fix #1227: Fix that Unbound control allows weak ciphersuits. 
git-svn-id: file:///svn/unbound/trunk@4027 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-27 14:40:30 +00:00
Wouter Wijngaards
8ce59e67d5 meant NetBSD. 
git-svn-id: file:///svn/unbound/trunk@4026 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-24 15:53:34 +00:00
Wouter Wijngaards
5f48fa3a6e - include sys/time.h for new shm code on OpenBSD. 
git-svn-id: file:///svn/unbound/trunk@4025 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-24 15:51:19 +00:00
Wouter Wijngaards
0fff8a32b5 - make depend, autoconf, doxygen and lint fixed up. 
git-svn-id: file:///svn/unbound/trunk@4024 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 16:27:47 +00:00
Wouter Wijngaards
35ae8ef313 - Patch from Luiz Fernando Softov for Stats Shared Memory. 
- unbound-control stats_shm command prints stats using shared memory,
  which uses less cpu.


git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 12:05:05 +00:00
Wouter Wijngaards
14ec958b8f - Fix doc/CNAME-basedRedirectionDesignNotes.pdf zone static to 
redirect.


git-svn-id: file:///svn/unbound/trunk@4019 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 08:27:31 +00:00
Wouter Wijngaards
5b34bde1a4 - Fix #1224: Fix that defaults should not fall back to "Program Files 
(x86) if Unbound is 64bit by default on windows.


git-svn-id: file:///svn/unbound/trunk@4018 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-22 07:31:32 +00:00
Wouter Wijngaards
44cfd1d49b - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4017 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-21 14:15:05 +00:00
Wouter Wijngaards
7b1687ac0e trunk has 1.6.2 
git-svn-id: file:///svn/unbound/trunk@4016 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-21 14:06:48 +00:00
Wouter Wijngaards
648c15fbac - sldns updated for vfixed and buffer resize indication from getdns. 
git-svn-id: file:///svn/unbound/trunk@4014 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-16 09:48:03 +00:00
Wouter Wijngaards
34fd9dd88d - sldns has ED25519 and ED448 algorithm number and name for display. 
git-svn-id: file:///svn/unbound/trunk@4013 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-15 09:38:15 +00:00
Wouter Wijngaards
37799b8560 tag 1.6.1rc3 
git-svn-id: file:///svn/unbound/trunk@4011 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-14 13:42:46 +00:00
Wouter Wijngaards
f97dcc8e40 - Fix autoconf of systemd check for lack of pkg-config. 
git-svn-id: file:///svn/unbound/trunk@4009 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-13 10:15:01 +00:00
Wouter Wijngaards
86dcdaae33 - Fix dnstap for warning of set but not used. 
git-svn-id: file:///svn/unbound/trunk@4007 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-10 08:26:59 +00:00
Wouter Wijngaards
e338cb00f3 - Fix pythonmod for typedef changes. 
git-svn-id: file:///svn/unbound/trunk@4005 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-10 07:58:38 +00:00
Wouter Wijngaards
d3edcc3fab - tag 1.6.1rc1. 
git-svn-id: file:///svn/unbound/trunk@4003 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-09 08:54:28 +00:00
Wouter Wijngaards
e6a54f732e - Fix for type name change and fix warning on windows compile. 
git-svn-id: file:///svn/unbound/trunk@4002 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-08 13:55:28 +00:00
Wouter Wijngaards
367c3f034e - Include root trust anchor id 20326 in unbound-anchor. 
git-svn-id: file:///svn/unbound/trunk@4000 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-07 15:22:31 +00:00
Wouter Wijngaards
4b22dcb7ad - Fix compile on solaris of the fix to use $host detect. 
git-svn-id: file:///svn/unbound/trunk@3998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-06 12:48:42 +00:00
Wouter Wijngaards
86c28f2d57 - fix root_anchor test for updated icannbundle.pem lower certificates. 
git-svn-id: file:///svn/unbound/trunk@3997 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-03 09:33:32 +00:00
Wouter Wijngaards
4c17395deb - Fix 1211: Fix can't enable interface-automatic if no IPv6 with 
more helpful error message.


git-svn-id: file:///svn/unbound/trunk@3995 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-26 11:03:06 +00:00
Wouter Wijngaards
929b623e59 - Increase MAX_MODULE to 16. 
git-svn-id: file:///svn/unbound/trunk@3993 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-20 07:33:54 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
5d522b0017 - Fix to Rename ub_callback_t to ub_callback_type, because POSIX 
reserves _t typedefs.


git-svn-id: file:///svn/unbound/trunk@3988 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 09:08:15 +00:00
Wouter Wijngaards
8e23542b85 - Fix #1206: Some view-related commands are missing from 'unbound-control -h' 
git-svn-id: file:///svn/unbound/trunk@3986 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-12 15:56:05 +00:00
Wouter Wijngaards
ef80a99397 - Fix to also block meta types 128 through to 248 with formerr. 
git-svn-id: file:///svn/unbound/trunk@3985 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-12 08:12:39 +00:00
Wouter Wijngaards
ba11247f93 - Fix #1202: Fix code comment that packed_rrset_data is not always 
'packed'.


git-svn-id: file:///svn/unbound/trunk@3984 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-09 09:47:06 +00:00
Wouter Wijngaards
e5431ca7e5 - Fix #1201: Fix missing unlock in answer_from_cache error condition. 
git-svn-id: file:///svn/unbound/trunk@3983 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-06 15:50:39 +00:00
Wouter Wijngaards
3a1ffe4c69 - Fix #1185: Source IP rate limiting, patch from Larissa Feng. 
git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 13:57:12 +00:00
Wouter Wijngaards
9b4b0de746 - Fix #1184: Log DNS replies. This includes the same logging 
information that DNS queries and response code and response size,
  patch from Larissa Feng.


git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 11:39:54 +00:00
Wouter Wijngaards
5adb2dc4cf - Fix to return formerr for queries for meta-types, to avoid 
packet amplification if this meta-type is sent on to upstream.


git-svn-id: file:///svn/unbound/trunk@3978 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 08:14:34 +00:00
Wouter Wijngaards
5839981255 - Fix reload chdir failure when also chrooted to that directory. 
git-svn-id: file:///svn/unbound/trunk@3976 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:46:00 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
Wouter Wijngaards
3d74d8e95b - Fix #1194: Cross build fails when $host isn't uname for getentropy. 
git-svn-id: file:///svn/unbound/trunk@3974 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-02 08:51:50 +00:00
Ralph Dolmans
b4b2c18909 - Fix #1190: Do not echo back EDNS options in local-zone error response. 
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3972 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-23 11:46:54 +00:00
Ralph Dolmans
95d5334783 - Fix #1188: Unresolved symbol 'fake_dsa' in libunbound.so when built with 
Nettle


git-svn-id: file:///svn/unbound/trunk@3971 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-21 10:29:19 +00:00
Ralph Dolmans
6f757b28f3 - Fix #1191: remove comment about view deletion. 
git-svn-id: file:///svn/unbound/trunk@3970 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-19 11:37:05 +00:00
Wouter Wijngaards
db2cf53e7b - Fix inet_ntop and inet_pton warnings in windows compile. 
git-svn-id: file:///svn/unbound/trunk@3969 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 13:10:58 +00:00
Wouter Wijngaards
33ba1f38d6 - 64bit is default for windows builds. 
git-svn-id: file:///svn/unbound/trunk@3968 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 11:34:24 +00:00
Wouter Wijngaards
3d680a6d82 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@3967 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 08:43:33 +00:00
Wouter Wijngaards
c9bcf1b3f7 trunk is 1.6.1 
git-svn-id: file:///svn/unbound/trunk@3966 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 08:43:04 +00:00
Wouter Wijngaards
242b255aac note release. 
git-svn-id: file:///svn/unbound/trunk@3965 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 08:41:43 +00:00
Wouter Wijngaards
5351f69e49 - Fix #1178: attempt to fix setup error at end, pop result values 
at end of install.


git-svn-id: file:///svn/unbound/trunk@3963 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-14 08:55:44 +00:00
Wouter Wijngaards
631d2b4214 - Fix unbound-control and ipv6 only. 
git-svn-id: file:///svn/unbound/trunk@3962 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-13 14:21:15 +00:00
Wouter Wijngaards
235e1399eb - Fix #1182: Fix Resource leak (socket), at startup. 
git-svn-id: file:///svn/unbound/trunk@3961 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-13 12:55:55 +00:00
Wouter Wijngaards
41d174b7f6 - Fix #1176: stack size too small for Alpine Linux. 
git-svn-id: file:///svn/unbound/trunk@3959 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-09 10:09:01 +00:00
Wouter Wijngaards
07bbd6c95a - Fix downcast warnings from visual studio in sldns code. 
git-svn-id: file:///svn/unbound/trunk@3957 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-08 08:49:12 +00:00
Ralph Dolmans
f761bc3cdd - Fix remote control without certificate for LibreSSL 
git-svn-id: file:///svn/unbound/trunk@3956 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-07 14:13:01 +00:00
Ralph Dolmans
4f487cf746 Add DSA support for OpenSSL 1.1 
git-svn-id: file:///svn/unbound/trunk@3954 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-07 12:58:47 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Ralph Dolmans
3b96c4c9cd - Fix #1173: differ local-zone type deny from unset tag_actions element. 
git-svn-id: file:///svn/unbound/trunk@3945 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-05 14:48:49 +00:00
Wouter Wijngaards
b7a314a7dc - Fix #1170: document that 'inform' local-zone uses local-data. 
git-svn-id: file:///svn/unbound/trunk@3944 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-05 12:59:08 +00:00
Ralph Dolmans
e500340621 - hyphen as minus fix, by Andreas Schulze 
git-svn-id: file:///svn/unbound/trunk@3942 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-01 09:34:02 +00:00
Ralph Dolmans
61b23e3811 - Added local-zones and local-data bulk addition and removal functionality in 
unbound-control (local_zones, local_zones_remove, local_datas and
  local_datas_remove).                                   
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-30 11:22:29 +00:00
Wouter Wijngaards
6450a5b191 - braces in view.c around lock statements. 
git-svn-id: file:///svn/unbound/trunk@3939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-29 15:28:25 +00:00
Wouter Wijngaards
e502757963 - version 1.6.0 is in the development branch. 
git-svn-id: file:///svn/unbound/trunk@3938 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-29 13:33:09 +00:00
Wouter Wijngaards
3815009cf1 - new install-sh. 
git-svn-id: file:///svn/unbound/trunk@3937 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-28 09:52:02 +00:00
Wouter Wijngaards
92bff79d3d - Fix that with openssl 1.1 control-use-cert: no uses less cpu, by 
using no encryption over the unix socket.


git-svn-id: file:///svn/unbound/trunk@3936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-25 16:14:14 +00:00
Wouter Wijngaards
a6e3ed1025 - patch from Dag-Erling Smorgrav that removes code that relies 
on sbrk().


git-svn-id: file:///svn/unbound/trunk@3934 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 15:50:07 +00:00
Ralph Dolmans
d3b85ed7d8 - Added unit test for QNAME minimisation + harden below nxdomain 
synergy.


git-svn-id: file:///svn/unbound/trunk@3933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 13:53:51 +00:00
Ralph Dolmans
9581c39dcc - QNAME minimisation uses QTYPE=A, therefore always check cache for 
this type in harden-below-nxdomain functionality.


git-svn-id: file:///svn/unbound/trunk@3932 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 10:50:53 +00:00
Ralph Dolmans
3e5cf4da0b - Make access-control-tag-data RDATA absolute. This makes the RDATA origin 
consistent between local-data and access-control-tag-data.
- Fix NSEC ENT wildcard check. Matching wildcard does not have to be a subdomain
  of the NSEC owner.



git-svn-id: file:///svn/unbound/trunk@3930 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 10:10:48 +00:00
Wouter Wijngaards
632e60eccd - Fix unit tests for DS hash processing for fake-dsa test option. 
git-svn-id: file:///svn/unbound/trunk@3929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 08:23:24 +00:00
Wouter Wijngaards
f4673d87ce - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3928 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 08:22:49 +00:00
Wouter Wijngaards
3132937112 - Fix #1158: reference RFC 8020 "NXDOMAIN: There Really Is Nothing 
Underneath" for the harden-below-nxdomain option.



git-svn-id: file:///svn/unbound/trunk@3927 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-21 09:53:43 +00:00
Ralph Dolmans
e6678abba6 - Fix #1155: test status code of unbound-control in 04-checkconf, not the status 
code from the tee command.


git-svn-id: file:///svn/unbound/trunk@3926 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-10 11:20:27 +00:00
Wouter Wijngaards
ba274dd312 - Note that for harden-below-nxdomain the nxdomain must be secure, 
this means nsec3 with optout is insufficient.


git-svn-id: file:///svn/unbound/trunk@3925 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 14:49:43 +00:00
Ralph Dolmans
efe248c46a - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
Wouter Wijngaards
68e4ef21db - Fix #1154: segfault when reading config with duplicate zones. 
git-svn-id: file:///svn/unbound/trunk@3922 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 08:16:55 +00:00
Wouter Wijngaards
fa81710d16 - configure detects ssl security level API function in the autoconf 
manner.  Every function on its own, so that other libraries (eg.
  LibreSSL) can develop their API without hindrance.


git-svn-id: file:///svn/unbound/trunk@3921 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 08:05:42 +00:00
Ralph Dolmans
589eabc0cb Set openssl security level to 0 when using aNULL ciphers 
git-svn-id: file:///svn/unbound/trunk@3919 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-03 16:59:00 +00:00