upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-27 18:20:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6832 commits 23 branches 209 tags 124 MiB
Commit graph

1820 commits

Author SHA1 Message Date
George Thessalonikefs
3086335724 - Introduce ratelimit-backoff and ip-ratelimit-backoff options for more 
aggressive rate limiting.
 2022-01-30 00:36:29 +01:00
George Thessalonikefs
f857af873e - Update ratelimit code for recent serviced_query changes and more 
accurate ratelimit calculation.
 2022-01-29 23:49:38 +01:00
George Thessalonikefs
c49e87e1b7 - Fix tls-* and ssl-* documented alternate syntax to also be available 
through remote-control and unbound-checkconf.
 2022-01-29 15:11:47 +01:00
George Thessalonikefs
f0c6d26155 - Better bookkeeping when reclaiming the TCP buffer. 2022-01-25 10:32:37 +01:00
George Thessalonikefs
c3c0186658 - Add serviced_query timer to send upstream queries outside of the mesh 
flow to prevent race conditions.
 2022-01-25 00:01:43 +01:00
W.C.A. Wijngaards
2996040c6c - Add rpz: for-downstream: yesno option, where the RPZ zone is 
authoritatively answered for, so the RPZ zone contents can be
  checked with DNS queries directed at the RPZ zone.
 2022-01-14 16:23:43 +01:00
W.C.A. Wijngaards
392c1f0f54 - Fix #596: unset the RA bit when a query is blocked by an unbound 
RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to
  signal that a domain is externally blocked to clients when it
  is blocked with NXDOMAIN by unsetting RA.
 2022-01-04 13:40:07 +01:00
W.C.A. Wijngaards
4efbee08b5 - Fix compile warning for if_nametoindex on windows 64bit. 2021-12-03 10:44:47 +01:00
gthess
43615e98b5
Merge pull request #522 from sibeream/net_help_RESOURCE_LEAK 
- memory management violations fixed
 2021-12-01 03:59:32 +01:00
gthess
806a75808d
Merge pull request #562 from NLnetLabs/bugfix/reset-keepalive-per-tcp-session 
Reset keepalive per new tcp session
 2021-12-01 03:57:04 +01:00
gthess
ba9356af99
Merge pull request #555 from fobser/if_nametoindex 
Allow interface names as scope-id in IPv6 link-local addresses.
 2021-12-01 03:54:45 +01:00
W.C.A. Wijngaards
88da8ce174 - iana portlist update. 2021-11-30 15:05:27 +01:00
Wouter Wijngaards
9645228f03
Merge pull request #570 from rex4539/typos 
Fix typos
 2021-11-29 11:39:48 +01:00
tcarpay
c47e98a659
Merge pull request #563 from NLnetLabs/bugfix/general-edns-options3 
Better positioning of general EDNS option handling: revisited V2
 2021-11-15 15:14:51 +01:00
Tom Carpay
ff030fa332 Clarify KEEPALIVE EDNS0 option operation 2021-11-15 14:00:31 +00:00
Tom Carpay
e899b4cefe Make explicit whether edns options are parsed from queries or responses 2021-11-15 13:40:51 +00:00
Tom Carpay
b47dc528aa add missing return code 2021-11-15 12:33:08 +00:00
Dimitris Apostolou
c21d6af617
Fix typos 2021-11-13 16:56:15 +02:00
tcarpay
a0df340b1e
Update util/data/msgparse.c 
Co-authored-by: gthess <george@nlnetlabs.nl>
 2021-11-08 12:28:03 +01:00
TCY16
8205c87a96 complete renaming of the modules edns list 2021-11-08 11:50:29 +01:00
tcarpay
fa73142b79
Apply suggestions from code review 
Co-authored-by: Willem Toorop <willem@nlnetlabs.nl>
 2021-11-08 11:02:54 +01:00
George Thessalonikefs
24eded6ef9 - Fix for #558: clear the UB_EV_TIMEOUT bit before adding an event. 2021-11-05 11:21:30 +01:00
George Thessalonikefs
431b749d7a - Fix for #558: fix loop in comm_point->tcp_free when a comm_point is reclaimed 
more than once during callbacks.
 2021-11-05 11:19:08 +01:00
Willem Toorop
53a1677828 Reset keepalive per new tcp session 2021-11-01 21:06:07 +01:00
Tom Carpay
cb48d9e4a1 Fix keepalive logic 2021-11-01 15:01:07 +00:00
Tom Carpay
5f8447830a Move option handling to parse-time 2021-11-01 13:48:31 +00:00
Tom Carpay
89d7476539 split edns_data.opt_list in opt_list_in and opt_list_out 
opt_list_in for parsed (incoming) edns options, and
opt_list_out for outgoing (to be encoded) edns options
 2021-11-01 12:48:40 +00:00
Tom Carpay
3ebfa9fc97 Outgoing module options go to opt_list_modules_out 
And opt_list_modules_out is reset in case of failure
BEWARE! No options from modules will be encoded in the responses now!
 2021-10-27 14:01:56 +00:00
Tom Carpay
3e6eeb504d Modules have their own outgoing ends options list 
But nothing happens with it yet
 2021-10-27 13:48:49 +00:00
Florian Obser
8756f1e4c7 Allow interface names as scope-id in IPv6 link-local addresses. 
For example, this makes
forward-zone:
    name: "."
    forward-addr: fe80::20d:b9ff:fe46:c7f4%vio0
    forward-first: yes

work instead of fe80::20d:b9ff:fe46:c7f4%1.
 2021-10-24 16:06:55 +02:00
W.C.A. Wijngaards
ecb0b44ba8 - Fix to protect custom regional create against small values. 2021-10-11 17:23:30 +02:00
W.C.A. Wijngaards
9f26f397a9 - Fix crosscompile windows to use libssp when it exists. 
- For the windows compile script disable gost.
- Fix that on windows, use BIO_set_callback_ex instead of deprecated
 2021-09-21 13:51:34 +02:00
W.C.A. Wijngaards
829f3c932e - Fix for #41: change outbound retry to int to fix signed comparison 
warnings.
 2021-09-08 15:07:11 +02:00
W.C.A. Wijngaards
750f46d1aa - Small fixes for #41: changelog, conflicts resolved, 
processQueryResponse takes an iterator env argument like other
  functions in the iterator, no colon in string for set_option,
  and some whitespace style, to make it similar to the rest.
 2021-09-08 14:52:56 +02:00
W.C.A. Wijngaards
204edd229e Merge branch 'feature/configure-outbound_msg_retry' of git://github.com/countsudoku/unbound into countsudoku-feature/configure-outbound_msg_retry 2021-09-08 14:38:36 +02:00
Thomas du Boÿs
ebb4987146 Fix subnetcache statistics 2021-09-03 10:37:07 +02:00
W.C.A. Wijngaards
520fa84265 - Fix tcp fastopen failure when disabled, try normal connect instead. 2021-09-01 16:21:10 +02:00
W.C.A. Wijngaards
4b2799fdd6 - Fix #533: Negative responses get cached even when setting 
cache-max-negative-ttl: 1
 2021-08-27 10:33:21 +02:00
Wouter Wijngaards
74f1f0addd
Merge pull request #401 from NLnetLabs/rpz-triggers 
RPZ triggers
 2021-08-25 10:14:12 +02:00
W.C.A. Wijngaards
54b7554b5a Changelog note for #529 and nicer layout. 
- Fix #529: Fix: log_assert does nothing if UNBOUND_DEBUG is
  undefined.
 2021-08-20 14:32:13 +02:00
Shchelkunov Artem
4ea9651624
Fix: log_assert does nothing if UNBOUND_DEBUG is undefined 
Found by static analyzer svace
Static analyzer message: Integer value 'len' obtained from untrusted
source at tube.c:374 by passing as 2nd parameter to function 'read'
at tube.c:340 without checking its higher bound is used as a loop bound
at tube.c:374.


on-behalf-of: @ideco-team <github@ideco.ru>
 2021-08-20 17:16:39 +05:00
W.C.A. Wijngaards
a9de6879b8 Merge branch 'master' into rpz-triggers 2021-08-18 09:53:35 +02:00
W.C.A. Wijngaards
d88f554503 - Fix #527: not sending quad9 cert to syslog (and may be more). 2021-08-17 13:03:33 +02:00
W.C.A. Wijngaards
ad45e9b89e - Fix for #431: Squelch permission denied errors for udp connect, 
and udp send, they are visible at higher verbosity settings.
 2021-08-13 09:27:58 +02:00
W.C.A. Wijngaards
de31bcdf2e - Support using system-wide crypto policies. 2021-08-13 09:21:47 +02:00
W.C.A. Wijngaards
2f828ec720 - For #519: yacc and lex. And fix python bindings, and test program 
unbound-dnstap-socket.
 2021-08-12 15:12:55 +02:00
Wouter Wijngaards
0ace659fe2
Merge pull request #519 from ziollek/tcp_upstream_option 
Support for selective enabling tcp-upstream for stub/forward zones
 2021-08-12 15:03:57 +02:00
Wouter Wijngaards
79df099f4c
Merge pull request #523 from Shchelk/bugfix 
fix: free() call more than once with the same pointer
 2021-08-12 13:45:00 +02:00
Shchelkunov Artem
e20b2c1aaf fix: free() call more than once with the same pointer 2021-08-11 15:14:43 +05:00
Artem Egorenkov
0d8dd6ec33 - memory management violations fixed 2021-08-06 14:11:12 +02:00