upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-29 10:59:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
4778 commits 23 branches 209 tags 124 MiB
Commit graph

175 commits

Author SHA1 Message Date
Wouter Wijngaards
71b078611f - Fix #4206: support openssl 1.0.2 for TLS hostname verification, 
alongside the 1.1.0 and later support that is already there.


git-svn-id: file:///svn/unbound/trunk@5018 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-12-10 14:27:24 +00:00
Wouter Wijngaards
fece182cf5 - Set default for so-reuseport to no for FreeBSD. It is enabled 
by default for Linux and DragonFlyBSD.  The setting can 
  be configured in unbound.conf to override the default.


git-svn-id: file:///svn/unbound/trunk@4932 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-05 15:07:19 +00:00
Wouter Wijngaards
8e20d628e8 - Fix compile on Mac for unbound, provide explicit_bzero when libc 
does not have it.


git-svn-id: file:///svn/unbound/trunk@4907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-17 07:06:57 +00:00
Wouter Wijngaards
9a82526b91 - exit log routine is annotated as noreturn function. 
- free memory leaks in config strlist and str2list insert functions.
- do not move unused argv variable after getopt.
- Remove unused if clause in testcode.


git-svn-id: file:///svn/unbound/trunk@4896 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 08:58:21 +00:00
Wouter Wijngaards
261bf354b7 - Use accept4 to speed up incoming TCP (and TLS) connections, 
available on Linux and FreeBSD.


git-svn-id: file:///svn/unbound/trunk@4686 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-23 13:55:09 +00:00
Wouter Wijngaards
f39e39ed47 - For addr with #authname and no @port notation, the default is 853. 
git-svn-id: file:///svn/unbound/trunk@4637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 14:23:14 +00:00
Wouter Wijngaards
1f9caf5805 - ED448 support. 
git-svn-id: file:///svn/unbound/trunk@4607 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 14:44:17 +00:00
Wouter Wijngaards
e784758a21 - Add --with-libhiredis, unbound support for a new cached backend 
that uses a Redis server as the storage.  This implementation
  depends on the hiredis client library (https://redislabs.com/lp/hiredis/).
  And unbound should be built with both --enable-cachedb and
  --with-libhiredis[=PATH] (where $PATH/include/hiredis/hiredis.h
  should exist).  Patch from Jinmei Tatuya (Infoblox).


git-svn-id: file:///svn/unbound/trunk@4586 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-15 12:33:51 +00:00
Wouter Wijngaards
54bd1fdd62 - tls-cert-bundle option in unbound.conf enables TLS authentication. 
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:09 +00:00
Wouter Wijngaards
30891d6fff - Fix unfreed locks in log and arc4random at exit of unbound. 
git-svn-id: file:///svn/unbound/trunk@4491 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 09:27:16 +00:00
Wouter Wijngaards
35bd34f8e6 - Fix #2141 - for libsodium detect lack of entropy in chroot, print 
a message and exit.


git-svn-id: file:///svn/unbound/trunk@4398 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-03 15:08:14 +00:00
Wouter Wijngaards
e396684a54 - Fix #1365: Add Ed25519 support using libnettle. 
git-svn-id: file:///svn/unbound/trunk@4286 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 10:44:30 +00:00
Wouter Wijngaards
33de42e729 - Detect chacha for dnscrypt at configure time. 
git-svn-id: file:///svn/unbound/trunk@4215 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 08:17:38 +00:00
Wouter Wijngaards
8c4e7ffb14 - Support for openssl EVP_DigestVerify. 
- Support for the ED25519 algorithm with openssl (from openssl 1.1.1).


git-svn-id: file:///svn/unbound/trunk@4198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 12:28:25 +00:00
Wouter Wijngaards
7641f23f87 - updated configure, dependencies and flex output. 
git-svn-id: file:///svn/unbound/trunk@4159 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 13:21:10 +00:00
George Thessalonikefs
491b0a26e4 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
7c9584e408 - #1217. DNSCrypt support, with --enable-dnscrypt, libsodium and then 
enabled in the config file from Manu Bretelle.


git-svn-id: file:///svn/unbound/trunk@4065 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 14:55:31 +00:00
Wouter Wijngaards
05215e8e7d - --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and 
DS records.  NSEC3 is not disabled.
- fake-sha1 test option; print warning if used.  To make unit tests.


git-svn-id: file:///svn/unbound/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 13:18:08 +00:00
Wouter Wijngaards
35ae8ef313 - Patch from Luiz Fernando Softov for Stats Shared Memory. 
- unbound-control stats_shm command prints stats using shared memory,
  which uses less cpu.


git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 12:05:05 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
Wouter Wijngaards
db2cf53e7b - Fix inet_ntop and inet_pton warnings in windows compile. 
git-svn-id: file:///svn/unbound/trunk@3969 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 13:10:58 +00:00
Wouter Wijngaards
e28903cb6d autoconf 
git-svn-id: file:///svn/unbound/trunk@3955 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-07 13:04:46 +00:00
Wouter Wijngaards
a6e3ed1025 - patch from Dag-Erling Smorgrav that removes code that relies 
on sbrk().


git-svn-id: file:///svn/unbound/trunk@3934 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 15:50:07 +00:00
Wouter Wijngaards
fa81710d16 - configure detects ssl security level API function in the autoconf 
manner.  Every function on its own, so that other libraries (eg.
  LibreSSL) can develop their API without hindrance.


git-svn-id: file:///svn/unbound/trunk@3921 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 08:05:42 +00:00
Wouter Wijngaards
42d2190343 - Test for openssl init_crypto and init_ssl functions. 
git-svn-id: file:///svn/unbound/trunk@3860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 12:03:10 +00:00
Wouter Wijngaards
db4645fc65 autoconf 
git-svn-id: file:///svn/unbound/trunk@3846 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 11:20:45 +00:00
Wouter Wijngaards
3514843818 - Fix compile with openssl 1.1.0 with api=1.1.0. 
git-svn-id: file:///svn/unbound/trunk@3844 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 09:59:09 +00:00
Wouter Wijngaards
7169b484b1 autoconf and autoheader. 
git-svn-id: file:///svn/unbound/trunk@3815 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-14 07:06:53 +00:00
Wouter Wijngaards
eaa6e239f7 - Fix #788 for nettle 3.0: Failed to build with Nettle >= 3.0 and 
--with-libunbound-only --with-nettle.


git-svn-id: file:///svn/unbound/trunk@3810 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-05 14:00:33 +00:00
Wouter Wijngaards
c697604224 - Fix #784: Build configure assumess that having getpwnam means there 
is endpwent function available.
- Updated repository with newer flex and bison output.


git-svn-id: file:///svn/unbound/trunk@3799 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-27 08:00:55 +00:00
Wouter Wijngaards
8072ea6930 - compat strsep implementation. 
git-svn-id: file:///svn/unbound/trunk@3738 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 12:27:41 +00:00
Wouter Wijngaards
f103787644 - cachedb module framework (empty). 
git-svn-id: file:///svn/unbound/trunk@3698 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-14 14:50:18 +00:00
Wouter Wijngaards
fbae76885a - OpenSSL 1.1.0 portability, --disable-dsa configure option. 
git-svn-id: file:///svn/unbound/trunk@3689 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-23 08:19:49 +00:00
Wouter Wijngaards
728fce7494 - Fix test for openssl to use HMAC_Update for 1.1.0. 
- acx_nlnetlabs.m4 to v33, with HMAC_Update.


git-svn-id: file:///svn/unbound/trunk@3685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-21 10:10:10 +00:00
Wouter Wijngaards
e6bbdc611a And aclocal too (you need matching libtool versions for configure to work). 
git-svn-id: file:///svn/unbound/trunk@3653 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-10 08:30:07 +00:00
Willem Toorop
bcfbe0d9c4 User defined pluggable event mechanism (for review) 
git-svn-id: file:///svn/unbound/branches/ub_event@3647 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-07 14:10:06 +00:00
Wouter Wijngaards
73b5cc9a26 - configure tests for the weak attribute support by the compiler. 
git-svn-id: file:///svn/unbound/trunk@3645 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-03 15:59:25 +00:00
Wouter Wijngaards
f25ee488a9 - Update aclocal, autoconf output with new versions (1.15, 2.4.6). 
git-svn-id: file:///svn/unbound/trunk@3596 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-07 10:34:46 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Wouter Wijngaards
82c7df3487 - Define DEFAULT_SOURCE together with BSD_SOURCE when that is defined, 
for Linux glibc 2.20.


git-svn-id: file:///svn/unbound/trunk@3588 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-04 09:52:48 +00:00
Wouter Wijngaards
46ca8274b8 - OSX portability, detect if sbrk is deprecated. 
git-svn-id: file:///svn/unbound/trunk@3582 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-11 12:44:44 +00:00
Wouter Wijngaards
2bdea62a9e - Fix #594. libunbound: optionally use libnettle for crypto. 
Contributed by Luca Bruno.  Added --with-nettle for use with
  --with-libunbound-only.


git-svn-id: file:///svn/unbound/trunk@3533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 09:43:07 +00:00
Wouter Wijngaards
dd174820dc windows portability. 
git-svn-id: file:///svn/unbound/trunk@3521 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 15:35:08 +00:00
Wouter Wijngaards
ec9cee7fc2 - portability, replace snprintf if return value broken. 
git-svn-id: file:///svn/unbound/trunk@3518 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 13:47:50 +00:00
Wouter Wijngaards
374ee84b27 - detect libexpat without xml_StopParser function. 
git-svn-id: file:///svn/unbound/trunk@3515 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 10:22:05 +00:00
Wouter Wijngaards
995c8a6be6 - isblank() compat implementation. 
git-svn-id: file:///svn/unbound/trunk@3514 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-27 09:52:16 +00:00
Wouter Wijngaards
583b376217 - Fix configure to detect SSL_CTX_set_ecdh_auto. 
git-svn-id: file:///svn/unbound/trunk@3453 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:30:49 +00:00
Wouter Wijngaards
78c8224655 - Enable ECDHE for servers. Where available, use 
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
  enable ECDHE.  Otherwise, manually offer curve p256.
  Client connections should automatically use ECDHE when available.
  (thanks Daniel Kahn Gillmor)


git-svn-id: file:///svn/unbound/trunk@3452 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-20 06:56:01 +00:00
Wouter Wijngaards
63b5d109f8 - Use reallocarray for integer overflow protection, patch submitted 
by Loganaden Velvindron.


git-svn-id: file:///svn/unbound/trunk@3365 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-17 08:24:24 +00:00