unbound

mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-23 16:20:26 -05:00

Author	SHA1	Message	Date
Wouter Wijngaards	a92e9692c1	fix noview. git-svn-id: file:///svn/unbound/trunk@4543 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-02-19 13:30:38 +00:00
Wouter Wijngaards	54bd1fdd62	- tls-cert-bundle option in unbound.conf enables TLS authentication. git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-02-13 10:35:09 +00:00
Ralph Dolmans	77f78152ee	- Aggressive use of NSEC implementation. Use cached NSEC records to generate NXDOMAIN, NODATA and positive wildcard answers. git-svn-id: file:///svn/unbound/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-02-08 13:16:36 +00:00
Wouter Wijngaards	0362614f94	auth zone, make depend, fallback, create and delete, and lease_time, and lock fixes. git-svn-id: file:///svn/unbound/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-01-30 10:35:20 +00:00
Wouter Wijngaards	b37bc47eaa	- Work on local root zone code. git-svn-id: file:///svn/unbound/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-10-17 15:16:31 +00:00
Wouter Wijngaards	8752326d8c	Turn duplicates into warnings for dnscrypt, and fix declaration and code mix warning. git-svn-id: file:///svn/unbound/trunk@4374 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-10-17 07:36:51 +00:00
Wouter Wijngaards	52e2331dd4	- [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert duplicates - [dnscrypt] introduce dnscrypt-provider-cert-rotated option, from Manu Bretelle. This option allows handling multiple cert/key pairs while only distributing some of them. In order to reliably match a client magic with a given key without strong assumption as to how those were generated, we need both key and cert. Likewise, in order to know which ES version should be used. On the other hand, when rotating a cert, it can be desirable to only serve the new cert but still be able to handle clients that are still using the old certs's public key. The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not publish the cert as part of the DNS's provider_name's TXT answer. git-svn-id: file:///svn/unbound/trunk@4373 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-10-17 07:34:49 +00:00
Wouter Wijngaards	ee8f07a686	- Fix #1440 : [dnscrypt] client nonce cache. git-svn-id: file:///svn/unbound/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-09-18 08:55:08 +00:00
Wouter Wijngaards	c49226613b	- Fix #1435 : Please allow UDP to be disabled separately upstream and downstream. git-svn-id: file:///svn/unbound/trunk@4349 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-09-18 08:42:24 +00:00
Wouter Wijngaards	7d17a926ac	- Spelling fixes, from Phil Porada. git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-09-15 14:29:28 +00:00
Wouter Wijngaards	e583448a6d	les and bison. git-svn-id: file:///svn/unbound/trunk@4329 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-08-31 11:59:38 +00:00
Wouter Wijngaards	5797c77f55	yacc 1.9 and flex 2.6.1. git-svn-id: file:///svn/unbound/trunk@4296 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-08-08 09:09:45 +00:00
Wouter Wijngaards	c52c07c086	- Fix #1350 : make cachedb backend configurable (from JINMEI Tatuya). git-svn-id: file:///svn/unbound/trunk@4275 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-07-17 08:21:19 +00:00
Wouter Wijngaards	cf0429f3e1	and yacc, lex it. git-svn-id: file:///svn/unbound/trunk@4232 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-06-16 07:56:28 +00:00
Ralph Dolmans	998793998d	- Added domain name based ECS whitelist. git-svn-id: file:///svn/unbound/trunk@4217 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-06-08 14:44:55 +00:00
Wouter Wijngaards	7641f23f87	- updated configure, dependencies and flex output. git-svn-id: file:///svn/unbound/trunk@4159 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-05-16 13:21:10 +00:00
Ralph Dolmans	a511d5d95e	- Implemented trust anchor signaling using key tag query. git-svn-id: file:///svn/unbound/trunk@4134 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-04-26 12:58:13 +00:00
Ralph Dolmans	a2bc93547f	- Generalise inplace callback (de)registration - (de)register inplace callbacks for module id - No unbound-control set_option for ECS options - Deprecated client-subnet-opcode config option - Introduced client-subnet-always-forward config option - Changed max-client-subnet-ipv6 default to 56 (as in RFC) - Removed extern ECS config options - module_restart_next now calls clear on all following modules - Also create ECS module qstate on module_event_pass event git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-04-06 13:13:06 +00:00
Ralph Dolmans	b0fd814975	- Merge EDNS Client subnet implementation from feature branch into main branch, using new EDNS processing framework. git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-03-21 12:08:17 +00:00
Wouter Wijngaards	86f0baf146	- make depend, autoconf, remove warnings about statement before var. git-svn-id: file:///svn/unbound/trunk@4066 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-03-20 15:09:06 +00:00
Wouter Wijngaards	52dd15dd87	- Patch for view functionality for local-data-ptr from Björn Ketelaars. git-svn-id: file:///svn/unbound/trunk@4063 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-03-17 08:01:40 +00:00
Wouter Wijngaards	6c456aa15e	- Add trustanchor.unbound CH TXT that gets a response with a number of TXT RRs with a string like "example.com. 2345 1234" with the trust anchors and their keytags. git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-03-16 09:17:58 +00:00
Wouter Wijngaards	05215e8e7d	- --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and DS records. NSEC3 is not disabled. - fake-sha1 test option; print warning if used. To make unit tests. git-svn-id: file:///svn/unbound/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-03-09 13:18:08 +00:00
Wouter Wijngaards	cae9809e11	- Response actions based on IP address from Jinmei Tatuya (Infoblox). git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-03-07 14:58:51 +00:00
Wouter Wijngaards	35ae8ef313	- Patch from Luiz Fernando Softov for Stats Shared Memory. - unbound-control stats_shm command prints stats using shared memory, which uses less cpu. git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-02-23 12:05:05 +00:00
Wouter Wijngaards	3a1ffe4c69	- Fix #1185 : Source IP rate limiting, patch from Larissa Feng. git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-01-05 13:57:12 +00:00
Wouter Wijngaards	9b4b0de746	- Fix #1184 : Log DNS replies. This includes the same logging information that DNS queries and response code and response size, patch from Larissa Feng. git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-01-05 11:39:54 +00:00
Wouter Wijngaards	5839981255	- Fix reload chdir failure when also chrooted to that directory. git-svn-id: file:///svn/unbound/trunk@3976 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-01-03 13:46:00 +00:00
Wouter Wijngaards	cd7db58ce3	- configure --enable-systemd and lets unbound use systemd sockets if you enable use-systemd: yes in unbound.conf. Also there are contrib/unbound.socket and contrib/unbound.service: systemd files for unbound, install them in /usr/lib/systemd/system. Contributed by Sami Kerola and Pavel Odintsov. git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9	2017-01-03 13:43:29 +00:00
Ralph Dolmans	95d5334783	- Fix #1188 : Unresolved symbol 'fake_dsa' in libunbound.so when built with Nettle git-svn-id: file:///svn/unbound/trunk@3971 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-12-21 10:29:19 +00:00
Ralph Dolmans	efe248c46a	- Added stub-ssl-upstream and forward-ssl-upstream options. git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-11-04 12:07:52 +00:00
Wouter Wijngaards	680e14cb65	- log-identity: config option to set sys log identity, patch from "Robin H. Johnson" <robbat2@gentoo.org> git-svn-id: file:///svn/unbound/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-11-03 08:51:40 +00:00
Wouter Wijngaards	27182d614b	- Fix unit tests for openssl 1.1, with no DSA, by faking DSA, enabled with the undocumented switch 'fake-dsa'. It logs a warning. git-svn-id: file:///svn/unbound/trunk@3909 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-10-26 07:38:00 +00:00
Wouter Wijngaards	a9a65800b8	- serve-expired config option: serve expired responses with TTL 0. git-svn-id: file:///svn/unbound/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-10-24 12:43:20 +00:00
Ralph Dolmans	9c0944ec1e	- Added qname-minimisation-strict config option. git-svn-id: file:///svn/unbound/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-10-11 11:32:50 +00:00
Ralph Dolmans	b587c7f72d	Added views functionality. git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-10-05 09:36:25 +00:00
Wouter Wijngaards	b6b3e2b914	- For #787 : prefer-ip6 option for unbound.conf prefers to send upstream queries to ipv6 servers. git-svn-id: file:///svn/unbound/trunk@3803 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-07-04 14:49:49 +00:00
Wouter Wijngaards	c697604224	- Fix #784 : Build configure assumess that having getpwnam means there is endpwent function available. - Updated repository with newer flex and bison output. git-svn-id: file:///svn/unbound/trunk@3799 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-27 08:00:55 +00:00
Ralph Dolmans	54b820773c	- Possibility to specify local-zone types for an acl/tag pair - Possibility to specify (override) local-zone types for a source address block git-svn-id: file:///svn/unbound/trunk@3797 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-24 19:08:58 +00:00
Wouter Wijngaards	5d2dc481ef	- document directory immediate fix and allow EXECUTABLE syntax in it on windows. git-svn-id: file:///svn/unbound/trunk@3779 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-10 13:37:14 +00:00
Wouter Wijngaards	6ff2a2e407	Fixup for chroot git-svn-id: file:///svn/unbound/trunk@3776 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-09 23:16:45 +00:00
Wouter Wijngaards	12f96dc321	- In unbound.conf directory: dir immediately changes to that directory, so that include: file below that is relative to that directory. With chroot, make the directory an absolute path inside chroot. git-svn-id: file:///svn/unbound/trunk@3775 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-09 22:59:07 +00:00
Wouter Wijngaards	0e97374466	- access-control-tag-action and access-control-tag-data config directives. - make depend git-svn-id: file:///svn/unbound/trunk@3759 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-06 13:47:24 +00:00
Wouter Wijngaards	65bcb9b0ca	- local-zone-override config directive. git-svn-id: file:///svn/unbound/trunk@3758 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-06 10:00:25 +00:00
Wouter Wijngaards	415fc52b08	- access-control-tag config directive. git-svn-id: file:///svn/unbound/trunk@3754 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-06-06 08:33:59 +00:00
Wouter Wijngaards	58a1b9928c	- remove memory leak from lame-check patch. git-svn-id: file:///svn/unbound/trunk@3726 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-05-24 13:07:13 +00:00
Wouter Wijngaards	7fcec8102f	- disable-dnssec-lame-check config option from Charles Walker. git-svn-id: file:///svn/unbound/trunk@3725 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-05-24 12:17:42 +00:00
Wouter Wijngaards	46d476b0c2	define-tag and local-zone-tag configuration. git-svn-id: file:///svn/unbound/trunk@3708 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-04-21 09:49:02 +00:00
Wouter Wijngaards	9f8b2bb468	- ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for binding to an IP address while the interface or address is down. git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-03-15 09:35:48 +00:00
Wouter Wijngaards	785697de82	- insecure-lan-zones: yesno config option, patch from Dag-Erling Smørgrav. git-svn-id: file:///svn/unbound/trunk@3619 be551aaa-1e26-0410-a405-d3ace91eadb9	2016-02-09 13:25:59 +00:00

1 2 3

137 commits