upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-21 15:21:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
3308 commits 23 branches 209 tags 123 MiB
Commit graph

82 commits

Author SHA1 Message Date
Wouter Wijngaards
1d7d43f9b5 Fixup #if 
git-svn-id: file:///svn/unbound/trunk@3454 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:37:15 +00:00
Wouter Wijngaards
583b376217 - Fix configure to detect SSL_CTX_set_ecdh_auto. 
git-svn-id: file:///svn/unbound/trunk@3453 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:30:49 +00:00
Wouter Wijngaards
78c8224655 - Enable ECDHE for servers. Where available, use 
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
  enable ECDHE.  Otherwise, manually offer curve p256.
  Client connections should automatically use ECDHE when available.
  (thanks Daniel Kahn Gillmor)


git-svn-id: file:///svn/unbound/trunk@3452 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-20 06:56:01 +00:00
Willem Toorop
fa20564699 SSL_CTX_use_certificate_chain_file() should be used instead of the 
SSL_CTX_use_certificate_file() function in order to allow the use of
complete certificate chains even when no trusted CA storage is used or
when the CA issuing the certificate shall not be added to the trusted
CA storage.

Thanks Daniel Kahn Gillmore


git-svn-id: file:///svn/unbound/trunk@3451 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-18 12:34:37 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
6c6ef98b38 please lint. 
git-svn-id: file:///svn/unbound/trunk@3367 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-17 09:44:57 +00:00
Wouter Wijngaards
63b5d109f8 - Use reallocarray for integer overflow protection, patch submitted 
by Loganaden Velvindron.


git-svn-id: file:///svn/unbound/trunk@3365 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-17 08:24:24 +00:00
Wouter Wijngaards
887fa791f2 please lint. 
git-svn-id: file:///svn/unbound/trunk@3363 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-16 11:51:30 +00:00
Wouter Wijngaards
29f18d8f86 - Fixup compile on cygwin, more portable openssl thread id. 
git-svn-id: file:///svn/unbound/trunk@3362 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-16 10:51:32 +00:00
Wouter Wijngaards
92e26a89ad - unit test for local unix connection. Documentation and log_addr 
does not inspect port for AF_LOCAL.


git-svn-id: file:///svn/unbound/trunk@3315 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-16 13:11:07 +00:00
Wouter Wijngaards
df73be98bd - patch for remote control over local sockets, from Dag-Erling 
Smorgrav, Ilya Bakulin.  Use control-interface: /path/sock and
  control-use-cert: no.


git-svn-id: file:///svn/unbound/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:12:59 +00:00
Wouter Wijngaards
fcfbfe4030 - Fix #627: SSL_CTX_load_verify_locations return code not properly 
checked.


git-svn-id: file:///svn/unbound/trunk@3271 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-17 08:10:49 +00:00
Wouter Wijngaards
7084c20f88 - Disabled use of SSLv3 in remote-control and ssl-upstream. 
git-svn-id: file:///svn/unbound/trunk@3248 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-27 09:26:48 +00:00
Wouter Wijngaards
c19f818c52 - Fix #545: improved logging, the ip address of the error is printed 
on the same log-line as the error.


git-svn-id: file:///svn/unbound/trunk@3112 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 14:40:20 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
361cc1f511 - made lint clean. 
git-svn-id: file:///svn/unbound/trunk@3050 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-24 13:23:45 +00:00
Wouter Wijngaards
d3cbd76546 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: file:///svn/unbound/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
Wouter Wijngaards
3de090dadb Fix linking of sldns and ldns, unique identifiers for global variables. 
git-svn-id: file:///svn/unbound/trunk@3021 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-30 11:03:55 +00:00
Wouter Wijngaards
29e96e86c9 - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
Wouter Wijngaards
69bf8dc41d - Fixup openssl_thread init code to only run if compiled with SSL. 
git-svn-id: file:///svn/unbound/trunk@2843 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-11 16:03:51 +00:00
Wouter Wijngaards
b56365792e Even neater openssl callback removal code from Robert Fleischman. 
git-svn-id: file:///svn/unbound/trunk@2801 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-02 14:44:34 +00:00
Wouter Wijngaards
dabfda2d70 - Fix openssl lock free on exit (reported by Robert Fleischman). 
git-svn-id: file:///svn/unbound/trunk@2798 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-02 10:53:57 +00:00
Wouter Wijngaards
ca7ded0457 compile without warnings unthreaded. 
git-svn-id: file:///svn/unbound/trunk@2737 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-01 14:07:04 +00:00
Wouter Wijngaards
bbe6cb922a remove warnings on Solaris. 
git-svn-id: file:///svn/unbound/trunk@2735 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-01 13:18:19 +00:00
Wouter Wijngaards
a9d248e7c9 ifdef for NSS compile. 
git-svn-id: file:///svn/unbound/trunk@2734 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-01 13:08:58 +00:00
Wouter Wijngaards
f9762ba453 - Fix openssl race condition, initializes openssl locks, reported 
by Einar Lonn and Patrik Wallstrom.


git-svn-id: file:///svn/unbound/trunk@2733 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-01 11:31:29 +00:00
Wouter Wijngaards
f37bd4f2ce - compile libunbound with libnss on Suse, passes regression tests. 
git-svn-id: file:///svn/unbound/trunk@2710 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-04 12:33:32 +00:00
Wouter Wijngaards
ccf4099366 - work on --with-nss build option (for now, --with-libunbound-only). 
git-svn-id: file:///svn/unbound/trunk@2690 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-20 15:11:53 +00:00
Wouter Wijngaards
cf147df593 - Applied patch from Daisuke HIGASHI for rrset-roundrobin and 
minimal-responses features.


git-svn-id: file:///svn/unbound/trunk@2658 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-04-10 09:16:39 +00:00
Wouter Wijngaards
a1c76554a2 - Makefile changed for BSD make compatibility. 
git-svn-id: file:///svn/unbound/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
Wouter Wijngaards
aa0536dcb5 - dns over ssl support, ssl-service-pem and ssl-service-key files 
can be given and then TCP queries are serviced wrapped in SSL.


git-svn-id: file:///svn/unbound/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-31 14:48:48 +00:00
Wouter Wijngaards
51810c1408 lint fix. 
git-svn-id: file:///svn/unbound/trunk@2520 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-19 14:39:35 +00:00
Wouter Wijngaards
ddddbf284f - Implement ipv6%interface notation for scope_id usage. 
git-svn-id: file:///svn/unbound/trunk@2519 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-19 14:34:11 +00:00
Wouter Wijngaards
8def9c1043 - log-queries: yesno option, default is no, prints querylog. 
git-svn-id: file:///svn/unbound/trunk@2429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-16 13:15:57 +00:00
Wouter Wijngaards
bc54fa3e58 addr_is_any 
git-svn-id: file:///svn/unbound/trunk@2279 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 07:59:55 +00:00
Wouter Wijngaards
9d66b48885 - openbsd-lint fixes: acl_list_get_mem used if debug-alloc enabled. 
iterator get_mem includes priv_get_mem.  delegpt nodup removed.
  listen_pushback, query_info_allocqname, write_socket, send_packet,
  comm_point_set_cb_arg and listen_resume removed.


git-svn-id: file:///svn/unbound/trunk@2222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-20 13:30:41 +00:00
Wouter Wijngaards
109fbe2350 - Squelch log message: sendto failed permission denied for 
255.255.255.255, it is visible in VERB_DETAIL (verbosity 2).


git-svn-id: file:///svn/unbound/trunk@2088 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-23 06:48:49 +00:00
Wouter Wijngaards
147d47eee7 Move includes to code files. 
git-svn-id: file:///svn/unbound/trunk@2035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-12 15:17:48 +00:00
Wouter Wijngaards
6cf3327d8d - fix for memory alignment in struct sock_list allocation. 
git-svn-id: file:///svn/unbound/trunk@2023 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-11 11:18:40 +00:00
Wouter Wijngaards
eb6253aa6c review comments. updated ldns tarball with 1.6.2. 
git-svn-id: file:///svn/unbound/trunk@1898 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-11 16:18:38 +00:00
Wouter Wijngaards
5b66f07e38 edns-buffer-size option. 
git-svn-id: file:///svn/unbound/trunk@1881 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-29 10:37:44 +00:00
Wouter Wijngaards
5d2e8e8e97 Retry mode, DS and prime. 
git-svn-id: file:///svn/unbound/trunk@1860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 07:52:02 +00:00
Wouter Wijngaards
455c3d130d Data retry on validation failure. 
git-svn-id: file:///svn/unbound/trunk@1859 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-06 08:31:47 +00:00
Wouter Wijngaards
c6da8de517 suppress ipv4mapped errors from logs. 
git-svn-id: file:///svn/unbound/trunk@1570 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-01 10:01:43 +00:00
Wouter Wijngaards
a2dcd9c019 forward command for unbound-control. 
git-svn-id: file:///svn/unbound/trunk@1482 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-13 15:26:37 +00:00
Wouter Wijngaards
8cbb13f251 Better logfile classification for log_bug, log_hex and log_addr. 
git-svn-id: file:///svn/unbound/trunk@1194 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-18 08:17:07 +00:00
Wouter Wijngaards
7be0e5b814 testbound works on XP. 
ioctlsocket nicer error message.

git-svn-id: file:///svn/unbound/trunk@1126 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-06-18 08:16:04 +00:00
Wouter Wijngaards
4a6d702edf - mingw32 porting. 
- test for sys/wait.h
          - WSAEWOULDBLOCK test after nonblocking TCP connect.
          - write_iov_buffer removed: unused and no struct iov on windows.
          - signed/unsigned warning fixup mini_event.
          - use ioctlsocket to set nonblocking I/O if fnctl is unavailable.
          - skip signals that are not defined
          - detect pwd.h.
          - detect getpwnam, getrlimit, setsid, sbrk, chroot.
          - default config has no chroot if chroot() unavailable.
          - if no kill() then no pidfile is read or written.
          - gmtime_r is replaced by nonthreadsafe alternative if unavail.
            used in rrsig time validation errors.


git-svn-id: file:///svn/unbound/trunk@1097 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-05-23 14:13:07 +00:00
Wouter Wijngaards
f3525b2081 log level 2. 
git-svn-id: file:///svn/unbound/trunk@930 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-07 11:04:56 +00:00
Wouter Wijngaards
849026931b move around debug levels. 
git-svn-id: file:///svn/unbound/trunk@929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-07 09:46:49 +00:00