upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-22 07:41:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
3742 commits 23 branches 209 tags 123 MiB
Commit graph

140 commits

Author SHA1 Message Date
Ralph Dolmans
efe248c46a - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
Wouter Wijngaards
680e14cb65 - log-identity: config option to set sys log identity, patch from 
"Robin H. Johnson" <robbat2@gentoo.org>


git-svn-id: file:///svn/unbound/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-03 08:51:40 +00:00
Wouter Wijngaards
27182d614b - Fix unit tests for openssl 1.1, with no DSA, by faking DSA, enabled 
with the undocumented switch 'fake-dsa'.  It logs a warning.


git-svn-id: file:///svn/unbound/trunk@3909 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-26 07:38:00 +00:00
Wouter Wijngaards
a9a65800b8 - serve-expired config option: serve expired responses with TTL 0. 
git-svn-id: file:///svn/unbound/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 12:43:20 +00:00
Ralph Dolmans
9c0944ec1e - Added qname-minimisation-strict config option. 
git-svn-id: file:///svn/unbound/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-11 11:32:50 +00:00
Ralph Dolmans
b587c7f72d Added views functionality. 
git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:36:25 +00:00
Wouter Wijngaards
b6b3e2b914 - For #787: prefer-ip6 option for unbound.conf prefers to send 
upstream queries to ipv6 servers.


git-svn-id: file:///svn/unbound/trunk@3803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:49:49 +00:00
Wouter Wijngaards
a2555b39d7 and fixup delete rest of list on parse failure. 
git-svn-id: file:///svn/unbound/trunk@3762 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 15:01:48 +00:00
Wouter Wijngaards
0e97374466 - access-control-tag-action and access-control-tag-data config 
directives.
- make depend


git-svn-id: file:///svn/unbound/trunk@3759 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 13:47:24 +00:00
Wouter Wijngaards
65bcb9b0ca - local-zone-override config directive. 
git-svn-id: file:///svn/unbound/trunk@3758 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 10:00:25 +00:00
Wouter Wijngaards
415fc52b08 - access-control-tag config directive. 
git-svn-id: file:///svn/unbound/trunk@3754 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 08:33:59 +00:00
Wouter Wijngaards
7fcec8102f - disable-dnssec-lame-check config option from Charles Walker. 
git-svn-id: file:///svn/unbound/trunk@3725 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-24 12:17:42 +00:00
Wouter Wijngaards
46d476b0c2 define-tag and local-zone-tag configuration. 
git-svn-id: file:///svn/unbound/trunk@3708 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-21 09:49:02 +00:00
Wouter Wijngaards
9f8b2bb468 - ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for 
binding to an IP address while the interface or address is down.


git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-15 09:35:48 +00:00
Wouter Wijngaards
36d3966e60 - ub_ctx_set_stub() function for libunbound to config stub zones. 
git-svn-id: file:///svn/unbound/trunk@3632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-02-23 10:43:10 +00:00
Wouter Wijngaards
785697de82 - insecure-lan-zones: yesno config option, patch from Dag-Erling 
Smørgrav.


git-svn-id: file:///svn/unbound/trunk@3619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-02-09 13:25:59 +00:00
Wouter Wijngaards
dd8b5729f2 Fix signed-unsigned lint warnings in tcp-mss. 
git-svn-id: file:///svn/unbound/trunk@3592 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:08:37 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Ralph Dolmans
014142d7bf Qname minimisation review fixes 
git-svn-id: file:///svn/unbound/trunk@3561 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 13:14:00 +00:00
Wouter Wijngaards
bb7b4db353 Fixup #724 in unbound-checkconf and fname_after_chroot calls. 
git-svn-id: file:///svn/unbound/trunk@3558 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 09:12:30 +00:00
Ralph Dolmans
a05bf09811 Implemented qname minimisation 
git-svn-id: file:///svn/unbound/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-30 16:10:26 +00:00
Wouter Wijngaards
152458c40b - spelling fixes from Igor Sobrado Delgado. 
git-svn-id: file:///svn/unbound/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 14:11:46 +00:00
Wouter Wijngaards
ee263cf6c5 - Added permit-small-holddown config to debug fast 5011 rollover. 
git-svn-id: file:///svn/unbound/trunk@3462 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-30 11:52:12 +00:00
Wouter Wijngaards
94a6478e05 - SOA negative TTL is capped at minimumttl in its rdata section. 
- cache-max-negative-ttl config option, default 3600.


git-svn-id: file:///svn/unbound/trunk@3431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 14:51:36 +00:00
Wouter Wijngaards
f03d3b870e - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
Wouter Wijngaards
628ff05285 - Ratelimit does not apply to prefetched queries, and ratelimit-factor 
is default 10.  Repeated normal queries get resolved and with
  prefetch stay in the cache.


git-svn-id: file:///svn/unbound/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:18:50 +00:00
Wouter Wijngaards
e30a90febc - ratelimit feature, ratelimit: 100, or some sensible qps, can be 
used to turn it on.  It ratelimits recursion effort per zone.
  For particular names you can configure exceptions in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 09:59:57 +00:00
Wouter Wijngaards
a1d006bc77 comment spelling improvement. 
git-svn-id: file:///svn/unbound/trunk@3370 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:58:49 +00:00
Wouter Wijngaards
77088b12ff - Add ip-transparent config option for bind to non-local addresses. 
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:50:35 +00:00
Wouter Wijngaards
49250ef291 - Fix #644: harden-algo-downgrade option, if turned off, fixes the 
reported excessive validation failure when multiple algorithms
  are present.  It allows the weakest algorithm to validate the zone.


git-svn-id: file:///svn/unbound/trunk@3354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-09 13:30:37 +00:00
Wouter Wijngaards
a226533c8b - Fix #647 crash in 1.5.2 because pwd.db no longer accessible after 
reload.


git-svn-id: file:///svn/unbound/trunk@3341 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-20 14:48:04 +00:00
Wouter Wijngaards
3ef33154e5 - infra-cache-min-rtt patch from Florian Riehm, for expected long 
uplink roundtrip times.


git-svn-id: file:///svn/unbound/trunk@3328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-02 08:46:22 +00:00
Wouter Wijngaards
a3f0a34efb - Fixup that patch and uid lookup (only for daemon). 
git-svn-id: file:///svn/unbound/trunk@3306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:37:45 +00:00
Wouter Wijngaards
df73be98bd - patch for remote control over local sockets, from Dag-Erling 
Smorgrav, Ilya Bakulin.  Use control-interface: /path/sock and
  control-use-cert: no.


git-svn-id: file:///svn/unbound/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:12:59 +00:00
Wouter Wijngaards
8ccba42b1f - dnstap support, with a patch from Farsight Security, written by 
Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
  It is BSD licensed (see dnstap/dnstap.c).
  Building with --enable-dnstap needs pkg-config with this patch.
- Noted dnstap in doc/README and doc/CREDITS.


git-svn-id: file:///svn/unbound/trunk@3206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-05 07:57:52 +00:00
Wouter Wijngaards
45022b6add - DNS64 from Viagenie (BSD Licensed), written by Simon Perrault. 
Initial commit of the patch from the FreeBSD base (with its fixes).
  This adds a module (for module-config in unbound.conf) dns64 that
  performs DNS64 processing, see README.DNS64.


git-svn-id: file:///svn/unbound/trunk@3198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-07-31 07:15:33 +00:00
Wouter Wijngaards
3468dce5c2 - Code cleanup patch from Dag-Erling Smorgrav, with compiler issue 
fixes from FreeBSD's copy of Unbound, he notes:
  Generate unbound-control-setup.sh at build time so it respects
  prefix and sysconfdir from the configure script.  Also fix the
  umask to match the comment, and the comment to match the umask.
  Add const and static where needed.  Use unions instead of
  playing pointer poker.  Move declarations that are needed in
  multiple source files into a shared header.  Move sldns_bgetc()
  from parse.c to buffer.c where it belongs.  Introduce a new
  header file, worker.h, which declares the callbacks that
  all workers must define.  Remove those declarations from
  libworker.h.	Include the correct headers in the correct places.
  Fix a few dummy callbacks that don't match their prototype.
  Fix some casts.  Hide the sbrk madness behind #ifdef HAVE_SBRK.
  Remove a useless printf which breaks reproducible builds.
  Get rid of CONFIGURE_{TARGET,DATE,BUILD_WITH} now that they're
  no longer used.  Add unbound-control-setup.sh to the list of
  generated files.



git-svn-id: file:///svn/unbound/trunk@3137 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-05-28 08:07:12 +00:00
Wouter Wijngaards
bdc57e5be5 - Feature, unblock-lan-zones: yesno that you can use to make unbound 
perform 10.0.0.0/8 and other reverse lookups normally, for use if
  unbound is running service for localhost on localhost.


git-svn-id: file:///svn/unbound/trunk@3133 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-05-20 10:38:32 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
d8e5a83392 - delay-close: msec option that delays closing ports for which 
the UDP reply has timed out.  Keeps the port open, only accepts
  the correct reply.  This correct reply is not used, but the port
  is open so that no port-denied ICMPs are generated.


git-svn-id: file:///svn/unbound/trunk@3058 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-28 14:35:55 +00:00
Wouter Wijngaards
60511959ab - so-reuseport: yesno option to distribute queries evenly over 
threads on Linux (Thanks Robert Edmonds).


git-svn-id: file:///svn/unbound/trunk@3049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-24 11:43:38 +00:00
Wouter Wijngaards
f1fd2b53eb - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: file:///svn/unbound/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
Wouter Wijngaards
ff1dbe4fcc - Implement max-udp-size config option, default 4096 (thanks 
Daisuke Higashi).


git-svn-id: file:///svn/unbound/trunk@2893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-25 11:55:46 +00:00
Wouter Wijngaards
cf147df593 - Applied patch from Daisuke HIGASHI for rrset-roundrobin and 
minimal-responses features.


git-svn-id: file:///svn/unbound/trunk@2658 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-04-10 09:16:39 +00:00
Wouter Wijngaards
1736d8078a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: file:///svn/unbound/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
Wouter Wijngaards
d7172c55ed - Fix bug#434: on windows check registry for config file location 
for unbound-control.exe, and unbound-checkconf.exe.


git-svn-id: file:///svn/unbound/trunk@2635 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-27 13:20:29 +00:00
Wouter Wijngaards
8f5596f643 ssl_port setting, so that the dnssec-trigger server can be on one host machine. 
git-svn-id: file:///svn/unbound/trunk@2539 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-08 10:56:42 +00:00
Wouter Wijngaards
aa0536dcb5 - dns over ssl support, ssl-service-pem and ssl-service-key files 
can be given and then TCP queries are serviced wrapped in SSL.


git-svn-id: file:///svn/unbound/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-31 14:48:48 +00:00
Wouter Wijngaards
2479955f9f - lame-ttl and lame-size options no longer exist, it is integrated 
with the host info.  They are ignored (with verbose warning) if
  encountered to keep the config file backwards compatible.



git-svn-id: file:///svn/unbound/trunk@2527 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-27 08:33:02 +00:00
Wouter Wijngaards
05e118b7d5 tcp upstream option. 
git-svn-id: file:///svn/unbound/trunk@2480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 13:58:40 +00:00