upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
8126 commits 23 branches 209 tags 123 MiB
Commit graph

123 commits

Author SHA1 Message Date
W.C.A. Wijngaards
feeebc95f8 - Fix for #1344: Fix that respip and dns64 can be enabled at the 
same time, the client info is copied for attach_sub and add_sub
  calls. That makes respip work on dns64 synthesized answers, and
  also makes RPZ work with DNS64. The order for the modules is
  module-config: "respip dns64 validator iterator".
 2025-09-30 11:28:15 +02:00
W.C.A. Wijngaards
187aa52859 - Fix #1344: module conf 'respip dns64 validator cachedb iterator' 
is not known to work.
 2025-09-29 16:11:50 +02:00
W.C.A. Wijngaards
a04bd5da29 - Fix to check control-interface addresses in unbound-checkconf. 2025-06-16 12:43:31 +02:00
Yorgos Thessalonikefs
342a0f48e3 - Add more checks about respip in unbound-checkconf. 
Also fixes #310: unbound-checkconf not reporting RPZ configuration
  error.
 2025-05-20 16:21:02 +02:00
Yorgos Thessalonikefs
5dd14e2644 - Sync unbound and unbound-checkconf log output for unknown modules. 2025-05-05 14:47:12 +02:00
Yorgos Thessalonikefs
048c193243 - Use the same interface listening port discovery code for all needed 
protocols.
- Port to string only when needed before getaddrinfo().
 2025-01-21 10:04:30 +01:00
W.C.A. Wijngaards
ff653a7ef8 Call module init init again, and new function startup and destartup. 
NULL can be used if the function is not used. Open shared ports during
reload. Deinit is called during reload.
 2024-07-01 16:10:07 +02:00
W.C.A. Wijngaards
3953f827fb Merge branch 'master' of https://github.com/madroach/unbound into ipset-pf-support 2024-07-01 14:36:33 +02:00
Yorgos Thessalonikefs
cd4a017e96 - Fix #876: [FR] can unbound-checkconf be silenced when configuration 
is valid?
 2024-04-26 14:50:39 +02:00
W.C.A. Wijngaards
2e7714e80c - disable-edns-do, unbound-checkconf warns about disable-edns-do and DNSSEC 
validation that is enabled, and suggests to turn one off.
 2023-10-04 15:28:52 +02:00
George Thessalonikefs
adb4aeb609 - For #722: Minor fixes, formatting and refactoring. 2023-05-01 18:23:13 +02:00
Yorgos Thessalonikefs
c4e51a4cfe
PROXYv2 downstream support (#760) 2022-10-03 15:29:47 +02:00
George Thessalonikefs
c30bdff939 Initial commit for interface based ACL. 2022-09-11 20:21:32 +02:00
W.C.A. Wijngaards
91a5cc9a08 - Remove debug info from #618 fix. 2022-02-11 16:34:24 +01:00
W.C.A. Wijngaards
a0feea393a - Fix #618: enabling interface-automatic disables DNS-over-TLS. 
Adds the option to list interface-automatic-ports.
 2022-02-11 10:58:53 +01:00
W.C.A. Wijngaards
c7ae3ef156 - For #602: Allow the module-config "subnetcache validator cachedb 
iterator".
 2022-01-14 16:30:25 +01:00
W.C.A. Wijngaards
eccfe3e1f5 - Fix #598: Fix unbound-checkconf fatal error: module conf 
'respip dns64 validator iterator' is not known to work.
 2022-01-05 16:14:47 +01:00
George Thessalonikefs
31bac7d5ca - Fix #574: Review fixes for size allocation. 2021-12-01 04:31:58 +01:00
W.C.A. Wijngaards
8648db9583 - Fix #574: Review fix for spelling. 2021-11-29 16:11:32 +01:00
W.C.A. Wijngaards
766c3164a3 - Fix #574: Review fixes for it. 2021-11-29 15:26:07 +01:00
W.C.A. Wijngaards
b48d6760fc - Fix #574: Review fixes for it. 2021-11-29 15:13:14 +01:00
W.C.A. Wijngaards
dcad9d5863 - Fix #574: unbound-checkconf reports fatal error if interface names 
are used as value for interfaces:
 2021-11-29 14:59:39 +01:00
W.C.A. Wijngaards
a64cbe958d - Fix lock debug code for gcc sanitizer reports. 2021-09-10 15:11:30 +02:00
George Thessalonikefs
b774d97b3c - Fix documentation comment for files previously residing in checkconf/. 2021-04-13 13:59:08 +02:00
Christopher Zimmermann
1d23e0c920 Merge remote-tracking branch 'upstream/master' 2021-02-03 13:19:19 +01:00
W.C.A. Wijngaards
e09873e0c8 zonemd, zonemds are checked at start 2020-10-22 12:10:46 +02:00
W.C.A. Wijngaards
c0c722cd97 DLV removal 2020-08-04 09:05:09 +02:00
W.C.A. Wijngaards
d84529cc0e - Review fixes for checkconf #259 change. 2020-07-07 10:18:56 +02:00
W.C.A. Wijngaards
4d009e19fc - Fix #259: Fix unbound-checkconf does not check view existence. 
unbound-checkconf checks access-control-view, access-control-tags,
  access-control-tag-actions and access-control-tag-datas.
- Fix offset of error printout for access-control-tag-datas.
 2020-07-07 09:00:04 +02:00
W.C.A. Wijngaards
a77ebed550 - For PR #93: checkconf allows python dynlib in module-config, for 
a couple cases.
 2020-05-18 10:18:28 +02:00
W.C.A. Wijngaards
84e95d6c68 - For PR #93: checkconf allow multiple dynlib in module-config, for 
a couple cases.
 2020-05-18 10:16:40 +02:00
W.C.A. Wijngaards
01db6c365c - For PR #93: dynlibmod can handle reloads and deinit and inits again, 
with dlclose and dlopen of the library again.  Also for multiple
  modules.  Fix memory leak by not closing dlopened content.  Fix
  to allow one dynlibmod instance by unbound-checkconf.
 2020-05-18 10:11:16 +02:00
Christopher Zimmermann
c96e4ca121 allow privileged initialisation of modules 2020-05-10 22:30:25 +02:00
W.C.A. Wijngaards
cca5cfc88f - Fix compile on Solaris for unbound-checkconf. 2020-03-23 17:26:06 +01:00
W.C.A. Wijngaards
e4268663e6 - Fix #192: In the unbound-checkconf tool, the module config of 
dns64 subnetcache respip validator iterator is whitelisted, it was
  reported it seems to work.
 2020-03-16 09:44:38 +01:00
W.C.A. Wijngaards
318d4e91cc - Fix #165: Add prefer-ip4: yesno config option to prefer ipv4 for 
using ipv4 filters, because the hosts ip6 netblock /64 is not owned
  by one operator, and thus reputation is shared.
 2020-02-25 09:55:59 +01:00
Ralph Dolmans
b770699319 typo fix 2020-02-17 13:38:01 +01:00
Ralph Dolmans
fe5370a98a - Add respip to supported module-config options in unbound-checkconf. 2020-02-17 13:36:30 +01:00
W.C.A. Wijngaards
2665ae0414 - Stop unbound-checkconf from insisting that auth-zone and rpz 
zonefiles have to exist.  They can not exist, and download later.
 2020-02-14 07:57:57 +01:00
Ralph Dolmans
2b5cd8e9b4 Merge remote-tracking branch 'ralph/feature/rpz' into rpz 2019-09-09 17:11:26 +02:00
W.C.A. Wijngaards
bdb6c153e4 - Please doxygen's parser for "@" occurrence in doxygen comment. 2019-08-16 12:21:40 +02:00
Ralph Dolmans
a16111d471 Prevent potential double free 2019-08-16 12:13:30 +02:00
Ralph Dolmans
a8d6147ae4 - Added RPZ response IP support 2019-07-16 18:43:16 +02:00
W.C.A. Wijngaards
36819adcc2 Nicer spelling and layout. 2019-06-25 15:14:07 +02:00
W.C.A. Wijngaards
da46ea24d5 - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf 
when do-not-query-localhost is turned on, or at default on,
  unbound-checkconf prints a warning if it is found in forward-addr or
  stub-addr statements.
 2019-06-25 14:50:49 +02:00
Kevin Chu
1a48bdebb5 Add support for ipset 2019-05-02 19:43:30 +08:00
Ralph Dolmans
74f11b852c - apply chroot to auth-zone zonefile in unbound-checkconf 2019-04-11 15:07:49 +02:00
Wouter Wijngaards
81ded6124d - Fix that unbound-checkconf does not complains if the config file 
is not placed inside the chroot.


git-svn-id: file:///svn/unbound/trunk@4995 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 12:55:13 +00:00
Wouter Wijngaards
a07337fd6d Breakout at end. 
git-svn-id: file:///svn/unbound/trunk@4845 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 09:07:31 +00:00
Wouter Wijngaards
c580e0e33c Fixup 
git-svn-id: file:///svn/unbound/trunk@4843 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 08:46:13 +00:00