upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-25 09:09:40 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
2998 commits 23 branches 209 tags 124 MiB
Commit graph

370 commits

Author SHA1 Message Date
Matthijs Mekking
dab0af8d87 Be lenient when a NSEC NameError response with RCODE=NXDOMAIN is received. 
This is okay according 4035, but not after revising existence in 4592. 
NSEC empty non-terminals exist and thus the RCODE should have been NOERROR.

If this occurs, and the RRsets are secure, we set the RCODE to NOERROR and
the security status of the reponse is also considered secure.



git-svn-id: file:///svn/unbound/trunk@3089 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-20 09:46:50 +00:00
Matthijs Mekking
492a5ca681 only whitespace changes 
git-svn-id: file:///svn/unbound/trunk@3088 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-18 13:54:19 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
2bb8f893cc - Fix #547: no trustanchor written if filesystem full, fclose checked. 
git-svn-id: file:///svn/unbound/trunk@3044 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-21 10:14:55 +00:00
Wouter Wijngaards
3ce7b4a6fa - Windows port, adjust %lld to %I64d, and warning in win_event.c. 
git-svn-id: file:///svn/unbound/trunk@3040 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-16 16:01:37 +00:00
Wouter Wijngaards
67f5157e45 - fix #544: Fixed +i causes segfault when running with module conf "iterator". 
git-svn-id: file:///svn/unbound/trunk@3038 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-16 13:04:34 +00:00
Wouter Wijngaards
d3cbd76546 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: file:///svn/unbound/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
Wouter Wijngaards
3de090dadb Fix linking of sldns and ldns, unique identifiers for global variables. 
git-svn-id: file:///svn/unbound/trunk@3021 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-30 11:03:55 +00:00
Wouter Wijngaards
29e96e86c9 - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
Wouter Wijngaards
c9438d938e fix lint, more time_t 
git-svn-id: file:///svn/unbound/trunk@2950 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-27 14:45:33 +00:00
Wouter Wijngaards
3e41dedfc5 remove bool. 
git-svn-id: file:///svn/unbound/trunk@2949 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-27 13:47:23 +00:00
Wouter Wijngaards
bf67dc2a0d remove bool. 
git-svn-id: file:///svn/unbound/trunk@2948 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-27 13:46:41 +00:00
Wouter Wijngaards
50e68cbcda more time_t 
git-svn-id: file:///svn/unbound/trunk@2947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-27 11:44:33 +00:00
Wouter Wijngaards
5db366f99f - review fixes from Willem. 
git-svn-id: file:///svn/unbound/trunk@2945 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-22 14:10:29 +00:00
Wouter Wijngaards
c845aceee4 - more fixes that I overlooked. 
git-svn-id: file:///svn/unbound/trunk@2944 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-22 07:33:51 +00:00
Wouter Wijngaards
8ba21bd7e7 - Fix#520: Errors found by static analysis from Tomas Hozza(redhat). 
git-svn-id: file:///svn/unbound/trunk@2942 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-21 13:31:09 +00:00
Wouter Wijngaards
f1fd2b53eb - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: file:///svn/unbound/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
Wouter Wijngaards
021f32ebf9 - Fix memleak in testcode for testbound (if it fails). 
- Fix NSS returned arrays out of setup function to be statics.


git-svn-id: file:///svn/unbound/trunk@2930 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-07-29 07:32:35 +00:00
Wouter Wijngaards
416df19f6d - Fix use-after-free in out-of-memory handling code (thanks Jake 
Montgomery).


git-svn-id: file:///svn/unbound/trunk@2900 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-05-16 07:36:37 +00:00
Wouter Wijngaards
fbedfb7429 - Robust checks on dname validity from rdata for dname compare. 
git-svn-id: file:///svn/unbound/trunk@2892 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-25 10:28:25 +00:00
Wouter Wijngaards
ffab065d1e - includes and have_ssl fixes for nss. 
git-svn-id: file:///svn/unbound/trunk@2830 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-30 13:15:03 +00:00
Wouter Wijngaards
ed6b39c095 fixup for doxygen 1.8.3 
git-svn-id: file:///svn/unbound/trunk@2827 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-28 13:44:38 +00:00
Matthijs Mekking
79ffc1ab81 Fix validation for responses with CNAME and wildcard expanded CNAME in 
ANSWER section.



git-svn-id: file:///svn/unbound/trunk@2777 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-10-29 14:06:00 +00:00
Wouter Wijngaards
a8e468fc67 - ignore trusted-keys globs that have no files (from Paul Wouters). 
git-svn-id: file:///svn/unbound/trunk@2770 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-10-01 07:18:49 +00:00
Wouter Wijngaards
5e5e89b9f5 - RFC6725 deprecates RSAMD5: this DNSKEY algorithm is disabled. 
git-svn-id: file:///svn/unbound/trunk@2753 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-30 12:02:53 +00:00
Wouter Wijngaards
07470115e5 - fix bogus nodata cname chain not reported as bogus by validator, 
(Thanks Peter van Dijk).


git-svn-id: file:///svn/unbound/trunk@2727 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-27 13:38:00 +00:00
Wouter Wijngaards
f82edc1b64 - review fix for libnss, check hash prefix allocation size. 
git-svn-id: file:///svn/unbound/trunk@2723 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-25 14:32:37 +00:00
Wouter Wijngaards
85c915f116 - fix missing break for GOST DS hash function. 
- make depend


git-svn-id: file:///svn/unbound/trunk@2721 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-23 12:27:04 +00:00
Wouter Wijngaards
d4f49a7a40 - Fix validation of qtype DS queries that result in no data for 
non-optout NSEC3 zones.


git-svn-id: file:///svn/unbound/trunk@2712 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-06 13:56:44 +00:00
Wouter Wijngaards
097c70be91 - detect if openssl has FIPS_mode. 
git-svn-id: file:///svn/unbound/trunk@2703 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-28 06:54:16 +00:00
Wouter Wijngaards
87ded67cb6 - disable RSAMD5 if in FIPS mode (for openssl and for libnss). 
git-svn-id: file:///svn/unbound/trunk@2702 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-25 15:13:44 +00:00
Wouter Wijngaards
98b6f90637 - disable RSAMD5 if in FIPS mode (when compiled with openssl). 
git-svn-id: file:///svn/unbound/trunk@2701 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-25 15:02:52 +00:00
Wouter Wijngaards
b9ed797a22 Test for ECC support for libNSS. 
git-svn-id: file:///svn/unbound/trunk@2700 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-22 15:20:56 +00:00
Wouter Wijngaards
25096aa3ab implement DNSSEC with libNSS: NSEC3, RSA, DSA, ECDSA, and DS hashes. 
make test succeeds.


git-svn-id: file:///svn/unbound/trunk@2699 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-22 14:31:29 +00:00
Wouter Wijngaards
cd8e4a0bc5 RSA with nss. 
git-svn-id: file:///svn/unbound/trunk@2697 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-21 15:19:16 +00:00
Wouter Wijngaards
d051dfaf19 remove double free. 
git-svn-id: file:///svn/unbound/trunk@2696 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-21 12:01:34 +00:00
Wouter Wijngaards
f2da5c6867 - nss check for verification failure. 
git-svn-id: file:///svn/unbound/trunk@2695 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-21 12:00:48 +00:00
Wouter Wijngaards
6ba973a8bd - fix error handling of alloc failure during rrsig verification. 
git-svn-id: file:///svn/unbound/trunk@2693 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-21 07:22:01 +00:00
Wouter Wijngaards
ccf4099366 - work on --with-nss build option (for now, --with-libunbound-only). 
git-svn-id: file:///svn/unbound/trunk@2690 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-20 15:11:53 +00:00
Wouter Wijngaards
15aacbe89b code review. 
git-svn-id: file:///svn/unbound/trunk@2688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-18 14:22:29 +00:00
Wouter Wijngaards
06a3f735d7 - The key-cache bad key ttl is now 60 seconds. 
git-svn-id: file:///svn/unbound/trunk@2685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-15 12:25:29 +00:00
Wouter Wijngaards
0a1195f690 - Protect if statements in val_anchor for compilate without locks. 
git-svn-id: file:///svn/unbound/trunk@2670 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-16 10:54:52 +00:00
Wouter Wijngaards
2bf79c2e65 - Fix validation of nodata for DS query in NSEC zones, reported by 
Ondrej Mikle.


git-svn-id: file:///svn/unbound/trunk@2662 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-02 11:58:27 +00:00
Wouter Wijngaards
773d8e3b84 Fix prefetch and stickyness. 
git-svn-id: file:///svn/unbound/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
Wouter Wijngaards
682ff957ed lint and doxygen fixes. 
git-svn-id: file:///svn/unbound/trunk@2631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 10:08:07 +00:00
Wouter Wijngaards
718dcce317 fix race condition. 
git-svn-id: file:///svn/unbound/trunk@2625 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 15:03:36 +00:00
Wouter Wijngaards
08835e01ee free unsupported trust anchors. 
git-svn-id: file:///svn/unbound/trunk@2624 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 14:53:45 +00:00
Wouter Wijngaards
d64b14cff9 - unbound-control forward_add, forward_remove, stub_add, stub_remove 
can modify stubs and forwards for running unbound (on mobile computer)
  they can also add and remove domain-insecure for the zone.


git-svn-id: file:///svn/unbound/trunk@2623 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 14:35:28 +00:00
Wouter Wijngaards
c352ee2e85 - workaround for openssl 0.9.8 ecdsa sha2 and evp problem. 
git-svn-id: file:///svn/unbound/trunk@2608 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-08 16:40:46 +00:00
Wouter Wijngaards
924789d877 - implement draft-ietf-dnsext-ecdsa-04; which is in IETF LC; This 
implementation is experimental at this time and not recommended
  for use on the public internet (the protocol numbers have not
  been assigned).  Needs recent ldns with --enable-ecdsa.
- fix memory leak in errorcase for DSA signatures.


git-svn-id: file:///svn/unbound/trunk@2606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-08 13:22:44 +00:00