upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
8126 commits 23 branches 209 tags 123 MiB
Commit graph

1043 commits

Author SHA1 Message Date
George Thessalonikefs
fbc0256825 - For #762: Cleaner manpage text and uniform use of the term DNS 
Cookies.
 2023-08-05 20:00:37 +02:00
George Thessalonikefs
8580a74b37 - For #762: Introduce rpl testing for DNS Cookies. 2023-08-05 19:50:57 +02:00
George Thessalonikefs
00a08beee9 - For #762: Ignore util/siphash.c for the 01-doc test. 2023-08-01 17:40:49 +02:00
George Thessalonikefs
2cc9563cf8 - Fix to use the now cached EDE, if any, for CD_bit queries. 2023-08-01 15:23:25 +02:00
George Thessalonikefs
8936f3496e - For #790: clean testcase. 2023-07-31 09:41:57 +02:00
George Thessalonikefs
f97927a47e Merge branch 'master' into features/ede-caching-cachedb 2023-07-30 14:17:52 +02:00
George Thessalonikefs
66c95e8081 - Review for #790: replace tdir tests with simpler rpl tests. 2023-07-28 16:54:05 +02:00
George Thessalonikefs
95604a90e8 Review for #759: 
- Keep EDE information for keys close to key creation.
- Fix inconsistencies between reply and cached EDEs.
- Incorporate EDE caching checks in EDE tests.
- Fix some EDE cases where missing DNSKEY was wrongly reported.
 2023-07-19 15:20:44 +02:00
George Thessalonikefs
15b8d8b96a Merge branch 'master' into features/ede-caching 2023-07-13 11:25:59 +02:00
George Thessalonikefs
7240ecbeb0 - Merge #664 from tilan7763: Add prefetch support for subnet cache 
entries.
- For #664: Easier code flow for subnetcache prefetching.
- For #664: Add testcase.
- For #664: Rename subnet_prefetch tests to subnet_global_prefetch to
  differentiate from the new subnet prefetch support.
 2023-07-11 14:31:49 +02:00
George Thessalonikefs
a952ac17be Merge branch 'tilan7663-subnet_cache_prefetch' into subnet_cache_prefetch 2023-07-07 16:50:58 +02:00
George Thessalonikefs
40e47bf767 - For #664: easier code flow for subnetcache prefetching. 
- For #664: add testcase.
 2023-07-06 22:22:21 +02:00
George Thessalonikefs
0afe58a06e - Skip the 00-lint test. splint is not maintained; it either does not 
work or produces false positives. Static analysis is handled in the
  clang test.
 2023-07-03 15:38:16 +02:00
George Thessalonikefs
2069271384 - Merge #802: add validation EDEs to queries where the CD bit is set. 
- For #802: Cleanup comments and add RCODE check for CD bit test case.
 2023-07-03 14:48:39 +02:00
George Thessalonikefs
014db3fb03 - For #802: Cleanup comments and add RCODE check for CD bit test case. 2023-07-03 14:40:01 +02:00
George Thessalonikefs
ade710a9fd - For #739: minor cleanup for testcases. 2023-07-03 10:10:16 +02:00
George Thessalonikefs
31d38d2cfe Merge branch 'master' into features/dohpath-for-unbound 2023-06-30 11:50:23 +02:00
George Thessalonikefs
41dac805f5 - Merge #892: Add cachedb hit stat. Introduces 'num.query.cachedb' as 
a new statistical counter.
 2023-06-27 12:46:26 +02:00
W.C.A. Wijngaards
f9317d65b3 - Fix for uncertain unit test for doh buffer size events. 2023-06-12 12:39:00 +02:00
Yorgos Thessalonikefs
65230bd117
Review comment for testdata/stat_values.tdir/stat_values.test 
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2023-05-31 17:09:16 +02:00
George Thessalonikefs
3c3fd7a795 - More predictable testing for cachedb. 2023-05-30 23:33:48 +02:00
George Thessalonikefs
4f52be4db9 - Introduce num.query.cachedb to track cache hits for the external cache. 2023-05-30 17:49:50 +02:00
W.C.A. Wijngaards
da78c42f88 - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR. 2023-05-19 14:38:41 +02:00
George Thessalonikefs
20184483df Merge branch 'eqvinox-nat64' 2023-05-01 18:24:05 +02:00
George Thessalonikefs
adb4aeb609 - For #722: Minor fixes, formatting and refactoring. 2023-05-01 18:23:13 +02:00
W.C.A. Wijngaards
70c2b587fc - Fix RPZ IP responses with trigger rpz-drop on cache entries, that 
they are dropped.
 2023-05-01 09:26:17 +02:00
Philip Homburg
4a04ba813a Merge branch '0ttl' 2023-04-26 17:14:15 +02:00
George Thessalonikefs
e1ec3cf893 Merge branch 'nat64' of https://github.com/eqvinox/unbound into eqvinox-nat64 2023-04-26 15:14:39 +02:00
W.C.A. Wijngaards
7033234a48 - Fix for #870: Add test case for the qname minimisation and CNAME. 2023-04-06 10:04:04 +02:00
Philip Homburg
1ac9b7548b Small fixes from Wouter's review 2023-03-23 15:15:54 +01:00
Philip Homburg
072be3300f Tests for serve-expired in combination with new 0 TTL data. 2023-03-22 15:23:47 +01:00
Philip Homburg
fb187d1a60 Merge branch 'master' into ecs-serve-expired-bug 2023-02-21 09:28:13 +01:00
Philip Homburg
b89d0d1cce Test cache update from serve-expired and client-subnet-always-forward 2023-02-21 09:21:43 +01:00
George Thessalonikefs
96c70d91ca - Add testcase for refreshing expired error responses. 2023-02-09 12:44:01 +01:00
W.C.A. Wijngaards
e225e4bcab - Fix consistency of unit test without roundrobin answers for the 
cnametooptout unit test.
 2023-02-09 11:46:33 +01:00
W.C.A. Wijngaards
a8977df4d9 - Fix unit tests for spurious empty messages. 2023-02-09 10:38:55 +01:00
W.C.A. Wijngaards
4953daa016 - Fix to ignore entirely empty responses, and try at another authority. 
This turns completely empty responses, a type of noerror/nodata into
  a servfail, but they do not conform to RFC2308, and the retry can
  fetch improved content.
 2023-02-09 09:56:40 +01:00
George Thessalonikefs
24e6d1e18e - Add duration variable for speed_local.test. 2023-01-30 11:33:58 +01:00
W.C.A. Wijngaards
6afdc336ba - Fix test for new default. 2023-01-19 16:06:30 +01:00
W.C.A. Wijngaards
8df1e58209 - Add harden-unknown-additional option. Default on and it removes 
unknown records from the authority section and additional section.
  Thanks to Xiang Li, from NISL Lab, Tsinghua University.
 2023-01-19 14:59:18 +01:00
W.C.A. Wijngaards
ba6325f24f - Fix #823: Response change to NODATA for some ANY queries since 
1.12, tested on 1.16.1.
 2023-01-06 09:16:59 +01:00
George Thessalonikefs
7716d26d46 - Use an explicit 'reload_keep_cache' command and introduce test cases 
for #569.
 2022-12-14 16:33:28 +01:00
TCY16
dd3984eae9 add validation EDEs to CD bit queries 2022-12-05 11:41:17 +01:00
TCY16
a96c64d966 add subnetcache test and rename/improve cachedb test 2022-11-24 16:14:37 +01:00
George Thessalonikefs
896f7a8306 - Ignore expired error responses. 2022-11-22 17:44:55 +01:00
tcarpay
a7ac109e4e
Remove erroneous filepath in test 2022-11-22 12:11:55 +01:00
TCY16
79108f4c3d add ede cachedb test 2022-11-21 15:26:49 +01:00
TCY16
8b4a8493d0 Merge branch 'master' of github.com:NLnetLabs/unbound into features/ede-caching 2022-11-21 11:34:36 +01:00
David Lamparter
64fb06f892 NAT64 support 
This implements #721.  Includes documentation and some very basic tests.
Please refer to doc for further detail.
 2022-11-07 11:37:50 +00:00
TCY16
5bf4c505db remove value check 2022-10-28 17:40:18 +02:00
TCY16
5158876bfd Merge branch 'master' of github.com:NLnetLabs/unbound into features/dohpath-for-unbounid 2022-10-28 11:14:59 +02:00
W.C.A. Wijngaards
17e5dd6131 - Fix that cachedb does not store failures in the external cache. 2022-10-21 10:11:47 +02:00
W.C.A. Wijngaards
5ffa4d7232 - In unit test, print python script name list correctly. 2022-10-14 16:49:57 +02:00
W.C.A. Wijngaards
b043bc5eb4 - Fix to stop responses with TC flag from resulting in partial 
responses. It retries to fetch the data elsewhere, or fails the
  query and in depth fix removes the TC flag from the cached item.
 2022-10-06 10:01:09 +02:00
George Thessalonikefs
d122617dd4 - Fix checkconf test for dnscrypt and proxy port. 2022-10-05 22:03:01 +02:00
George Thessalonikefs
f609a45354 - Make ede.tdir test more predictable by using static data. 2022-10-05 02:44:50 +02:00
Yorgos Thessalonikefs
f1d263a318
Leniency for target discovery when under load (for NRDelegation changes) (#764) 
* - Introduce leniency for target discovery when under load.

* - Allow for easier testing (to be reverted).

* - Happy compiler.

* - Precheck access to target_fetch_policy.

* - Do not mark a nameserver as resolved when one of A/AAAA is negative.

* - Update fetch_glue.rpl test for (possible) outstanding queries.

* - Update fetch_glue_cname.rpl test for possible outstanding queries.

* - Better fix for fetch_glue_cname.rpl.

* - Fix iter_emptydp_for_glue.rpl to match the referral.

* - Disabled the nxns tests for now (to be reverted).

* - Update iter_recurse.rpl for possible outstanding queries.

* Revert "- Disabled the nxns tests for now (to be reverted)."

This reverts commit 34a9c13a90.

* Revert "- Allow for easier testing (to be reverted)."

This reverts commit b6dfe35e1d.
 2022-10-04 22:21:08 +02:00
W.C.A. Wijngaards
f0614a57f8 - Fix to clean up after the acl_interface unit test. 2022-10-04 16:59:10 +02:00
Yorgos Thessalonikefs
c4e51a4cfe
PROXYv2 downstream support (#760) 2022-10-03 15:29:47 +02:00
W.C.A. Wijngaards
a102fb1df8 - Fix to remove erroneous TC flag from TCP upstream. 2022-10-03 09:53:41 +02:00
TCY16
57c4f28f20 add happy-flow test 2022-09-21 16:21:48 +02:00
George Thessalonikefs
9b1647ebae - Convert tdir tests to use the new skip_test functionality. 2022-09-20 14:45:20 +02:00
George Thessalonikefs
d301bfe4a2 - ACL per interface: refactor, complete testing and a bugfix for 
interface names.
 2022-09-11 20:57:41 +02:00
George Thessalonikefs
fc123303ac - Add functionality to skip tdir tests from the .pre file; 
- Initial tests for interface-* options.
 2022-09-11 20:21:32 +02:00
TCY16
b642c5fe1f add better URI template checking 2022-08-25 14:06:13 +02:00
TCY16
f3fa363443 implement @gthess' review comments; fix check on compulsory text and add tests 2022-08-24 12:38:08 +02:00
TCY16
b465e0cfc0 add testcase and fix comment 2022-08-15 16:12:22 +02:00
TCY16
14fe4669e7 fix testcase comment 2022-08-12 14:09:00 +02:00
W.C.A. Wijngaards
0f08cc6d55 - Fix edns subnet so that scope 0 answers only match sourcemask 0 
queries for answers from cache if from a query with sourcemask 0.
 2022-08-02 14:13:55 +02:00
W.C.A. Wijngaards
cbed768b8f - Tests for ghost domain fixes. 2022-08-01 13:26:22 +02:00
W.C.A. Wijngaards
f6753a0f10 - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699. 2022-08-01 13:24:40 +02:00
George Thessalonikefs
923eb7d474 - Allow fallback to the parent side when MAX_TARGET_NX is reached. 
This will also allow MAX_TARGET_NX more NXDOMAINs.
 2022-06-29 17:32:29 +02:00
George Thessalonikefs
58b21e4fca - Fix to not count cached NXDOMAIN for MAX_TARGET_NX. 2022-06-29 17:26:09 +02:00
George Thessalonikefs
b816318106 - Fix #704: [FR] Statistics counter for number of outgoing UDP queries 
sent; introduces 'num.query.udpout' to the 'unbound-control stats'
  command.
 2022-06-29 10:51:54 +02:00
George Thessalonikefs
12796d0af8 - Fix for cached 0 TTL records to not trigger prefetching when 
serve-expired-client-timeout is set.
 2022-06-28 17:05:28 +02:00
Philip Homburg
c806b5a2df Merge branch 'zone-parsers-blank-line-issue' 2022-06-21 15:32:35 +02:00
Yorgos Thessalonikefs
90767fce98
Merge pull request #688 from NLnetLabs/rpz-url-notify-issue 
Rpz url notify issue
 2022-06-14 17:53:01 +02:00
George Thessalonikefs
187bc72633 - Add testcase for allowing NOTIFY on URL addresses. 2022-06-14 17:44:37 +02:00
Philip Homburg
78b4b12713 Test loading a zone with blank lines over https 2022-06-14 17:05:03 +02:00
Philip Homburg
b8e111e379 Avoid network traffic during test, a bit of cleanup 2022-06-14 17:04:23 +02:00
Philip Homburg
c6ef39a22d Test loading a cached zone that has lines consisting of blanks 2022-06-08 14:45:30 +02:00
George Thessalonikefs
459b73018f - Fix for edns client subnet to respect not looking in its cache when 
instructed to do so (e.g., prefetch).
 2022-06-03 16:11:35 +02:00
W.C.A. Wijngaards
d19d7b81ec - Fix ede test to not use default pidfile, and use local interface. 2022-05-20 15:14:11 +02:00
W.C.A. Wijngaards
714200ad0e - Fix to silence test for ede error output to the console from the 
test setup script.
 2022-05-20 09:08:29 +02:00
George Thessalonikefs
daf316ea1b - Fix #417: prefetch and ECS causing cache corruption when used 
together.
 2022-05-12 00:56:01 +02:00
tcarpay
0ce36e8289
Add the basic EDE (RFC8914) cases (#604) 2022-05-06 12:48:53 +02:00
W.C.A. Wijngaards
e4ca71e85b - Fix zonemd check to allow unsupported algorithms to load. 
If there are only unsupported algorithms, or unsupported schemes,
  and no failed or successful other ZONEMD records, or malformed
  or bad ZONEMD records, the unsupported records allow the zone load.
 2022-04-08 09:29:37 +02:00
George Thessalonikefs
b8e7dfa01e - Various fixes for #632: variable initialisation, convert the qinfo 
to str once, accept trailing dot in the local-zone ipset option.
 2022-03-02 14:29:56 +01:00
George Thessalonikefs
0b8e6dafe5 - Added tests for ipset. 2022-03-02 13:08:16 +01:00
W.C.A. Wijngaards
4b772ed571 - Fix to detect that no IPv6 support means that IPv6 addresses are 
useless for delegation point lookups.
 2022-02-25 10:27:56 +01:00
W.C.A. Wijngaards
6de5310728 - Fix for #628: fix rpz-passthru for qname trigger by localzone type. 2022-02-16 09:51:25 +01:00
W.C.A. Wijngaards
2b90181d3a - Fix #628: A rpz-passthru action is not ending RPZ zone processing. 2022-02-15 16:20:12 +01:00
W.C.A. Wijngaards
c44fe07a07 - Fix #412: cache invalidation issue with CNAME+A. 2022-02-04 14:27:01 +01:00
George Thessalonikefs
b1feb9fb1e - Update stream_ssl.tdir test to also use the new forward-host notation. 2022-02-02 12:55:29 +01:00
George Thessalonikefs
32c3bbd249 - Change aggressive-nsec default to yes. 2022-02-02 11:25:08 +01:00
gthess
7ddd456f02
Fix typo from review 
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2022-02-01 17:38:16 +01:00
George Thessalonikefs
c8a6234aac - Add tests for ratelimit. 2022-01-30 00:51:39 +01:00
W.C.A. Wijngaards
54ea2948da - Test for NSID in SERVFAIL response due to DNSSEC bogus. 2022-01-26 16:40:04 +01:00
George Thessalonikefs
de1e91fc7f - Fix EDNS to upstream where the same option could be attached more than 
once.
- Add a region to serviced_query for allocations.
 2022-01-14 13:55:34 +01:00
W.C.A. Wijngaards
33ef79d433 - Fix for #596: Fix rpz-signal-nxdomain-ra to work for clientip 
triggered operation.
 2022-01-05 16:48:35 +01:00
W.C.A. Wijngaards
adcbb6ced7 - Fix for #596: add unit test for nsip trigger and signal unset RA. 2022-01-05 14:31:42 +01:00
W.C.A. Wijngaards
c678c696a1 - Fix for #596: add unit test for nsdname trigger and signal unset RA. 2022-01-05 14:13:52 +01:00
W.C.A. Wijngaards
313bceb983 - Fix unit tests for rpz now that the AA flag returns successfully from 
the iterator loop.
 2022-01-05 13:39:06 +01:00
W.C.A. Wijngaards
6b2e96430e - Fix for #596: fix that rpz return message is returned and not just 
the rcode from the iterator return path. This fixes signal unset RA
  after a CNAME.
 2022-01-05 13:35:18 +01:00
W.C.A. Wijngaards
cbdc138df7 - Fix to add test for rpz-signal-nxdomain-ra. 2022-01-04 13:41:27 +01:00
George Thessalonikefs
2c1a5203a5 - Allow local-data for classes other than IN to inherit a configured 
local-zone's type if possible, instead of defaulting to type
  transparent as per the implicit rule.
 2021-12-10 17:35:36 +01:00
W.C.A. Wijngaards
778b50f113 - Add code similar to fix for ldns for tab between strings, for 
consistency, the test case was not broken.
 2021-12-10 09:12:58 +01:00
Dimitris Apostolou
c21d6af617
Fix typos 2021-11-13 16:56:15 +02:00
W.C.A. Wijngaards
f976fdee28 - Fix root_anchor test to check with new icannbundle date. 2021-09-08 17:26:30 +02:00
W.C.A. Wijngaards
204edd229e Merge branch 'feature/configure-outbound_msg_retry' of git://github.com/countsudoku/unbound into countsudoku-feature/configure-outbound_msg_retry 2021-09-08 14:38:36 +02:00
W.C.A. Wijngaards
a9de6879b8 Merge branch 'master' into rpz-triggers 2021-08-18 09:53:35 +02:00
W.C.A. Wijngaards
c8c2dfff22 - Fix zonemd verification of key that is not in DNS but in the zone 
and needs a chain of trust.
 2021-08-13 14:43:11 +02:00
gthess
3829faf679
Merge pull request #514 from ziollek/docker_for_run_test 
Docker environment for run tests
 2021-08-12 21:30:36 +02:00
Wouter Wijngaards
0ace659fe2
Merge pull request #519 from ziollek/tcp_upstream_option 
Support for selective enabling tcp-upstream for stub/forward zones
 2021-08-12 15:03:57 +02:00
W.C.A. Wijngaards
f232562430 Merge branch 'master' into rpz-triggers 2021-08-05 13:37:22 +02:00
Tomasz Ziolkowski
ae45f46b9e Add (stub|forward)-tcp-upstream options which enable using tcp transport only for specified stub/forward zones 2021-08-05 08:44:18 +02:00
W.C.A. Wijngaards
77fdd8836d - Fix unit test zonemd_reload for use in run_vm. 2021-08-04 16:26:21 +02:00
Tomasz Ziolkowski
3e310a17be Docker environment for run tests + enhancement for ssl_handshake 2021-07-27 12:06:08 +02:00
George Thessalonikefs
ca4d68c64c - Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. 2021-07-16 14:32:18 +02:00
Tom Carpay
ab017cde0f Merge branch 'master' into svcb 2021-07-02 13:37:08 +02:00
Tom Carpay
a6020e4186 change test and error to be in line with new maximum svcb params (nparams >= MAX_NUMBER_OF_SVCPARAMS) 2021-07-02 11:21:19 +02:00
W.C.A. Wijngaards
658db66c3f - Fix up permissions on rpl data file in tests. 2021-06-25 08:45:03 +02:00
Tom Carpay
9cd15f7ebf remove tests for svcparam semantics 2021-06-24 15:20:32 +02:00
Tom Carpay
cebdf52c4e fix erroneous test 2021-06-24 10:00:12 +02:00
Tom Carpay
9beea6a00c fix key parsing and incorporate testcases 2021-06-07 14:05:14 +02:00
Tom Carpay
19c63fdaf6 add key parsing and edge case tests 2021-06-07 09:54:02 +02:00
George Thessalonikefs
2e87871678 - Fix test for zonemd-check option. 2021-06-01 18:02:10 +02:00
W.C.A. Wijngaards
cf0aad9fb6 Merge branch 'master' into rpz-triggers 2021-05-28 15:00:55 +02:00
W.C.A. Wijngaards
ea4f1ee8a6 - zonemd-check: yesno option, default no, enables the processing 
of ZONEMD records for that zone.
 2021-05-27 14:20:53 +02:00
Tom Carpay
71904eb0d4 add svcb tpkg tests 2021-05-25 15:44:49 +02:00
W.C.A. Wijngaards
0a6b22dc55 - rpz-triggers, rpz log and stats for nsip and clientip and nsdname. 2021-05-21 14:05:19 +02:00
W.C.A. Wijngaards
355526da7d - rpz-triggers, the added soa for client ip modified answers is affected 
by the minimal-responses config option.
 2021-05-14 16:34:38 +02:00
W.C.A. Wijngaards
50dcadd495 - rpz-triggers, for clientip modified answers the rpz SOA is added to the 
additional section with the serial number and name of the rpz zone that
  was applied.
 2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
9f40e93fe6 - rpz-triggers, use sec_status_insecure like respip, AA flag on RPZ responses. 2021-05-14 13:28:10 +02:00
W.C.A. Wijngaards
a2ea701f31 - rpz-triggers, fix what domain name to match for nsdname. 2021-04-01 13:11:51 +02:00
W.C.A. Wijngaards
14582d2445 - rpz-triggers, remove unused test. 2021-04-01 12:56:47 +02:00
W.C.A. Wijngaards
1c75e62804 - rpz-triggers, separate cache storage of RPZ records from network records. 2021-04-01 12:06:14 +02:00
W.C.A. Wijngaards
7f39003c04 - rpz triggers, implement qname trigger after cname. 2021-03-19 17:31:44 +01:00
W.C.A. Wijngaards
6f507eb036 Merge branch 'master' into rpz-triggers 2021-03-12 09:04:54 +01:00
W.C.A. Wijngaards
0927fe6fc4 - Fix parse of LOC RR type for decimetres. 2021-03-11 13:22:05 +01:00
W.C.A. Wijngaards
a06d761f74 - Fix to allow rpz with wildcard that applies to all TLDs at once. 2021-02-25 16:54:32 +01:00
W.C.A. Wijngaards
d3b5f287b1 zonemd, fix unit test to allow nonvalidating zone without zonemd with 
permissive mode for zonemd.
 2021-02-04 16:18:02 +01:00
W.C.A. Wijngaards
b7a633fdc0 Merge branch 'master' into zonemd 2021-02-04 16:08:11 +01:00
W.C.A. Wijngaards
0ea86f6ccb - Fix fwd ancil test post script when not supported. 2021-01-28 11:19:34 +01:00
George Thessalonikefs
b7acaaa9b8 - Update example.con.in and add a testcase for PR #275. 2021-01-25 19:26:19 +01:00
Willem Toorop
4694323b1c Test some different padding sizes 2021-01-24 20:17:44 +01:00
Willem Toorop
efc8022ca4 padding.tdir text in single TXT RR 
So the sentences are not re-ordered and the text makes sense!
 2021-01-24 18:29:00 +01:00
Willem Toorop
54b84381f4 tdir test for padding option 2021-01-24 18:12:08 +01:00
W.C.A. Wijngaards
dedc1e2340 zonemd, unit test for capitalisation of owner and ns names. 2021-01-22 14:40:21 +01:00
W.C.A. Wijngaards
20ff80c5bb zonemd, fix to detect duplicate zonemd scheme and algo RRs. 2021-01-22 14:36:53 +01:00
George Thessalonikefs
63a02f3a87 Merge branch 'negative_soa_ttl' 2021-01-22 12:39:16 +01:00
George Thessalonikefs
38e12229b8 - Feedback for PR #407. 2021-01-19 20:09:34 +01:00
Willem Toorop
68d51317fe rpl tests for nsid 2021-01-19 17:18:26 +01:00
George Thessalonikefs
9056613a79 - Fix TTL of SOA record for negative answers (localzone data and 
authzone) to be the minimum of the SOA TTL and the SOA.MINIMUM.
 2021-01-19 15:55:55 +01:00
W.C.A. Wijngaards
5e00d516fe - fix that testdata/rpz_qname.rpl trigger tests succeed. 2021-01-14 15:31:17 +01:00
W.C.A. Wijngaards
cdb60adcdc Merge branch 'rpz' of https://github.com/magenbluten/unbound into magenbluten-rpz 
Conflict fixed for rpz.disabled check added.
 2021-01-14 12:11:29 +01:00
W.C.A. Wijngaards
3322f631e5 - Fix #397: [Feature request] add new type always_null to local-zone 
similar to always_nxdomain.
 2021-01-12 13:35:05 +01:00
mb
78bcfdee64 rpz: fix local data lookup for nsdname 2020-11-27 12:22:56 +01:00
mb
714d546d1d rpz: add testbound nsdname script (stub) 2020-11-26 12:26:23 +01:00
W.C.A. Wijngaards
3c2b1fa801 - Remove debug commands from reuse tests. 2020-11-25 12:02:51 +01:00
mb
d6a69d77e2 rpz: minor cleanups 2020-11-25 11:45:33 +01:00
W.C.A. Wijngaards
e78957706c - Fix one port unit test for udp-connect. 2020-11-24 14:16:06 +01:00
mb
afc73e28d8 rpz: fix forged messages 2020-11-24 12:02:59 +01:00
Wouter Wijngaards
ead06af086 Merge branch 'master' into stream-reuse 2020-11-24 08:20:07 +01:00
W.C.A. Wijngaards
9423b5b8b2 Merge branch 'master' into stream-reuse 2020-11-23 09:49:26 +01:00
W.C.A. Wijngaards
dde9fade26 stream reuse, fix review comments. 2020-11-23 09:46:26 +01:00
W.C.A. Wijngaards
4445d9c5aa stream reuse, fix review comments. 2020-11-23 09:44:56 +01:00
W.C.A. Wijngaards
fd94b0bc9b stream reuse, rename ssl_reuse test to tls_reuse test. 2020-11-23 09:35:58 +01:00
W.C.A. Wijngaards
6ded710013 stream reuse, renamed ssl_reuse.tdir to tls_reuse.tdir. 2020-11-23 09:33:28 +01:00
mb
f7fb338c95 rpz: continue work on the nsip trigger 2020-11-16 12:42:23 +01:00
mb
07d937f508 rpz: more nsip 2020-11-16 09:49:06 +01:00
mb
e27b160acd rpz: stubs for nsip triggers 2020-11-13 14:36:00 +01:00
Ralph Dolmans
946ed23f73 Merge branch 'master' into edns-string 2020-11-11 11:37:32 +01:00
mb
9149a6d1e4 RPZ: stub nsip testbound scenario 2020-11-11 11:21:54 +01:00
mb
667863770f RPZ: refactor clientip to handle multiple rrsets 2020-11-09 15:59:00 +01:00
mb
9b4bbb49b4 RPZ: one more testcase 2020-11-09 12:08:06 +01:00
mb
80205ba133 RPZ: towards client ip trigger and local data action 2020-11-06 12:54:32 +01:00
mb
bd0c910830 RPZ: provide rpz-client-ip trigger and actions 2020-11-04 17:00:28 +01:00
mb
1ab84a1d27 RPZ: testbound: add qname and respip tcp-only examples 2020-11-03 11:03:29 +01:00
mb
dd70c2ef9a RPZ: implement stubs for rpz-tcp-only actions. 2020-11-02 14:21:57 +01:00
W.C.A. Wijngaards
e573f55dcd zonemd, unit tests for insecure delegation zones. 2020-10-29 14:59:11 +01:00
W.C.A. Wijngaards
cd3d54b504 zonemd, unit test for failed zonemd hash after axfr with chain of trust, 
zone is written after axfr, but before check.  But zone is then rejected
after check completes..
 2020-10-29 10:13:01 +01:00
W.C.A. Wijngaards
2757e0ff51 zonemd, unit test for failed zonemd hash after axfr, zone is rejected and not 
written to file.
 2020-10-29 10:00:59 +01:00
W.C.A. Wijngaards
43e32eae33 zonemd, unit test for zonemd from axfr with trust anchor. 2020-10-29 09:55:03 +01:00
W.C.A. Wijngaards
7ebb890a4a zonemd, unit test for zonemd from file and trust anchor directly for DNSSEC. 2020-10-28 15:10:14 +01:00
W.C.A. Wijngaards
639a773c39 zonemd, unit test for chain of trust from recursion to check ZONEMD. 2020-10-27 13:44:44 +01:00
W.C.A. Wijngaards
8e53f0b14f zonemd, unit test with correct title. 2020-10-23 14:40:00 +02:00
W.C.A. Wijngaards
2b9569c7fe zonemd, fix config_get_option for zonemd-permissive-mode and unit test 
for zonemd-permissive-mode.
 2020-10-23 14:38:57 +02:00
W.C.A. Wijngaards
165b048e07 zonemd, zonemd-permissive-mode: yes logs the failure but does not block 
the zone after a ZONEMD verification failure.
 2020-10-23 14:33:04 +02:00
W.C.A. Wijngaards
caee84d92e zonemd, unit test for unbound-control auth_zone_reload with zonemd. 2020-10-23 12:10:30 +02:00
W.C.A. Wijngaards
1cb7d5a194 zonemd, unit test for auth zone zonemd axfr 
zonemd, zonemds are checked after zone transfer.
 2020-10-23 09:12:51 +02:00
W.C.A. Wijngaards
f854f4e867 zonemd, test for server start with zonemd from file. 2020-10-22 16:02:37 +02:00
W.C.A. Wijngaards
7ac4eb229d zonemd, unit tests for verifying DNSKEY with trust anchor failures. 2020-10-21 15:58:47 +02:00
W.C.A. Wijngaards
3c86bf51de zonemd, unit tests for wrong NSEC RRSIGs. 2020-10-21 15:04:06 +02:00
W.C.A. Wijngaards
58d91646f1 zonemd, unit tests for DNSSEC type bitmaps. 2020-10-21 14:23:44 +02:00
W.C.A. Wijngaards
e1d119af7e zonemd, unit tests for wrong DNSSEC signatures. 2020-10-21 13:17:42 +02:00
W.C.A. Wijngaards
e8d29f973d zonemd, fix that dnssec denial does not invalidate zone. 
zonemd, unit test of nsec and nsec3 denial.
 2020-10-21 11:51:30 +02:00
W.C.A. Wijngaards
2ebc4eae2f Merge branch 'master' into zonemd 2020-10-21 10:59:32 +02:00
W.C.A. Wijngaards
ee3f26bb3d Add verbosity to debug occasional missing q1-10.example.net, from timer. 2020-10-21 10:56:51 +02:00
W.C.A. Wijngaards
78e9b8949c Merge branch 'master' into stream-reuse 
Resolved comm_point_start_listening conflict for socket close.
 2020-10-21 09:54:03 +02:00