upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-27 10:10:09 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
5156 commits 23 branches 209 tags 124 MiB
Commit graph

3532 commits

Author SHA1 Message Date
W.C.A. Wijngaards
af6f5a3f54 - Provide a prototype for compat malloc to remove compile warning. 2019-11-18 13:52:17 +01:00
W.C.A. Wijngaards
253d95a8ef - update to bison output of 3.4.1 in code repository. 2019-11-18 10:50:54 +01:00
W.C.A. Wijngaards
57f2582790 - In unbound-host use separate variable for get_option to please 
code checkers.
 2019-11-18 10:45:47 +01:00
W.C.A. Wijngaards
d05d6b959a - fixes for splint cleanliness, long vs int in SSL set_mode. 2019-11-13 15:16:27 +01:00
W.C.A. Wijngaards
d4c904d091 - contrib/fastrpz.patch updated to apply for current code. 2019-11-13 11:40:56 +01:00
W.C.A. Wijngaards
5ac9bf3f9b - iana portlist updated. 2019-11-13 11:37:06 +01:00
W.C.A. Wijngaards
f759fc5839 Changelog note and configure autoconf generated. 
- Merge #102 from jrtc27: Add getentropy emulation for FreeBSD.
 2019-11-11 14:46:24 +01:00
W.C.A. Wijngaards
29b90c6e58 - Fix #109: check number of arguments for stdin-pipes in 
unbound-control and fail if too many arguments.
 2019-11-11 12:02:51 +01:00
W.C.A. Wijngaards
7dfbcdf276 - Fix #99: Memory leak in ub_ctx (event_base will never be freed). 2019-10-24 09:58:45 +02:00
George Thessalonikefs
941b324187 Add new configure option --enable-fully-static to enable full static build if 
requested; in relation to #91.
 2019-10-23 16:10:07 +02:00
W.C.A. Wijngaards
21472c2393 Changelog note for #97. 
- Merge #97: manpage: Add missing word on unbound.conf,
  from Erethon.
 2019-10-23 07:56:17 +02:00
W.C.A. Wijngaards
e6a179e27a - drop-tld.diff: adds option drop-tld: yesno that drops 2 label 
queries, to stop random floods.  Apply with
  patch -p1 < contrib/drop-tld.diff and compile.
  From Saksham Manchanda (Secure64).  Please note that we think this
  will drop DNSKEY and DS lookups for tlds and hence break DNSSEC
  lookups for downstream clients.
 2019-10-22 10:32:37 +02:00
W.C.A. Wijngaards
eb2283332b - Add doxygen comments to unbound-anchor source address code, in #86. 2019-10-07 09:50:04 +02:00
W.C.A. Wijngaards
b2c3b4758b For #86, note credit for Lukas Wunner. 2019-10-03 16:29:45 +02:00
W.C.A. Wijngaards
8bfbd81fec Changelog entry for #86 and whitespace fix. 
- Merge #86 from psquarejho: Added -b source address option to
  smallapp/unbound-anchor.c.
 2019-10-03 16:22:42 +02:00
W.C.A. Wijngaards
facc6c6541 - Merge 1.9.4 release with fix for vulnerability CVE-2019-16866. 
- Continue with development of 1.9.5.
 2019-10-03 11:40:13 +02:00
W.C.A. Wijngaards
82dffb1023 Changelog entry for Merge #90. 
- Merge #90 from vcunat: fix build with nettle-3.5.
 2019-10-03 08:59:16 +02:00
W.C.A. Wijngaards
7963c9f463 Changelog note for #87. 
- Merge #87 from hardfalcon: Fix contrib/unbound.service.in,
  Drop CAP_KILL, use + prefix for ExecReload= instead.
 2019-09-26 13:17:46 +02:00
W.C.A. Wijngaards
55bb4c1275 - The unbound.conf includes are sorted ascending, for include 
statements with a '*' from glob.
 2019-09-25 16:50:30 +02:00
W.C.A. Wijngaards
06a91b0eaa Changelog entry for fix #84 and #85. 
- Merge #85 for #84 from sam-lunt: Add kill capability to systemd
  service file to fix that systemctl reload fails.
 2019-09-23 09:20:12 +02:00
W.C.A. Wijngaards
f635b47ade Changelog entry for #83 
- Merge #83 from Maryse47: contrib/unbound.service.in: do not fork
  into the background.
 2019-09-20 12:59:41 +02:00
W.C.A. Wijngaards
1b62399a6e Changelog entry for #81. 
- Merge #81 from Maryse47: Consistently use /dev/urandom instead
  of /dev/random in scripts and docs.
 2019-09-20 07:44:43 +02:00
W.C.A. Wijngaards
aefd2df51f (Changelog entry for #82). 
- Merge #82 from hardfalcon: Downgrade CAP_NET_ADMIN to CAP_NET_RAW
  in unbound.service.
 2019-09-20 07:38:34 +02:00
W.C.A. Wijngaards
1dcc88b6e8 - Merge #80 from stasic: Improve wording in man page. 
(Changelog entry for merge)
 2019-09-19 16:56:14 +02:00
W.C.A. Wijngaards
9f0b260c49 - Fix wrong response ttl for prepended short CNAME ttls, this would 
create a wrong zero_ttl response count with serve-expired enabled.
 2019-09-19 16:29:51 +02:00
W.C.A. Wijngaards
ab53baa6f5 - Fix for oss-fuzz build warning. 2019-09-19 10:09:49 +02:00
W.C.A. Wijngaards
554e4a939c - Fix fix for #78 to also free service callback struct. 2019-09-19 10:03:47 +02:00
W.C.A. Wijngaards
45b3215594 - oss-fuzz badge on README.md. 2019-09-19 09:55:23 +02:00
W.C.A. Wijngaards
3cb1cdeebd - Merge pull request #76 from Maryse47: Improvements and fixes for 
systemd unbound.service.
(Changelog note for merge of #76).
 2019-09-19 09:53:21 +02:00
W.C.A. Wijngaards
1a4eaaabc5 - Fix #78: Memory leak in outside_network.c. 2019-09-19 09:11:23 +02:00
W.C.A. Wijngaards
13d96540de - Use explicit bzero for wiping clear buffer of hash in cachedb, 
reported by Eric Sesterhenn from X41 D-Sec.
 2019-09-11 15:31:03 +02:00
W.C.A. Wijngaards
e45e9f1ce0 - Fix #72: configure --with-syslog-facility=LOCAL0-7 with default 
LOG_DAEMON (as before) can set the syslog facility that the server
  uses to log messages.
 2019-09-09 14:27:55 +02:00
W.C.A. Wijngaards
05b9f4fd28 - Fix #71: fix openssl error squelch commit compilation error. 2019-09-04 08:44:19 +02:00
W.C.A. Wijngaards
1089fd6dc1 - squelch DNS over TLS errors 'ssl handshake failed crypto error' 
on low verbosity, they show on verbosity 3 (query details), because
  there is a high volume and the operator cannot do anything for the
  remote failure.  Specifically filters the high volume errors.
 2019-09-03 09:47:27 +02:00
W.C.A. Wijngaards
366296ec14 - updated Makefile dependencies. 2019-09-02 15:56:24 +02:00
W.C.A. Wijngaards
7f9aa6734a - ipset: refactor long routine into three smaller ones. 2019-09-02 15:17:25 +02:00
W.C.A. Wijngaards
9902a5f81d - ipset module #28: log that an address is added, when verbosity high. 2019-09-02 13:50:42 +02:00
W.C.A. Wijngaards
cd0a2b1af1 - Master is 1.9.4 in development. 2019-08-27 09:56:20 +02:00
W.C.A. Wijngaards
a374dfb669 - Fix contrib/fastrpz.patch asprintf return value checks. 2019-08-23 08:41:46 +02:00
W.C.A. Wijngaards
79fa94834e - 1.9.3rc2 release candidate tag. 2019-08-22 14:50:49 +02:00
W.C.A. Wijngaards
06847ff3be - Fix that pkg-config is setup before --enable-systemd needs it. 2019-08-22 12:22:25 +02:00
W.C.A. Wijngaards
80c2c69fa7 - Fix log_dns_msg to log irrespective of minimal responses config. 2019-08-21 17:41:29 +02:00
Ralph Dolmans
8b752e359e - Document limitation of pidfile removal outside of chroot directory. 2019-08-19 13:27:19 +02:00
W.C.A. Wijngaards
d3b3d64ef3 - Remove warning about unknown cast-function-type warning pragma. 2019-08-16 12:52:58 +02:00
W.C.A. Wijngaards
c602ba7319 - Fixup contrib/fastrpz.patch 2019-08-16 12:37:13 +02:00
W.C.A. Wijngaards
bdb6c153e4 - Please doxygen's parser for "@" occurrence in doxygen comment. 2019-08-16 12:21:40 +02:00
W.C.A. Wijngaards
d8a8730cac - Fix unittest valgrind false positive uninitialised value report, 
where if gcc 9.1.1 uses -O2 (but not -O1) then valgrind 3.15.0
  issues an uninitialised value for the token buffer at the str2wire.c
  rrinternal_get_owner() strcmp with the '@' value.  Rewritten to use
  straight character comparisons removes the false positive.  Also
  valgrinds --expensive-definedness-checks=yes can stop this false
  positive.
 2019-08-16 12:18:23 +02:00
W.C.A. Wijngaards
0532cdd357 - (for later release): -V prints if TCP fastopen is available. 2019-08-15 17:04:38 +02:00
W.C.A. Wijngaards
e84b913585 - 1.9.3rc1 release candidate tag. 2019-08-15 15:49:15 +02:00
W.C.A. Wijngaards
a5027f5f56 - Fix character buffer size in ub_ctx_hosts. 2019-08-15 15:11:04 +02:00
W.C.A. Wijngaards
06a58ca248 - escape commandline contents for -V. 2019-08-15 15:05:02 +02:00
W.C.A. Wijngaards
4700d79024 - avoid warning about upcast on 32bit systems for autotrust. 2019-08-15 14:25:46 +02:00
W.C.A. Wijngaards
9d9884c442 - Fix autotrust temp file uniqueness windows compile. 2019-08-15 14:02:14 +02:00
W.C.A. Wijngaards
c1c75929fa - iana portlist updated. 2019-08-15 13:07:26 +02:00
W.C.A. Wijngaards
8cb3656b3e - Fix warning for unused variable for compilation without systemd. 2019-08-14 16:08:19 +02:00
George Thessalonikefs
a90f173875 - Fix #59, when compiled with systemd support check that we can properly 
communicate with systemd through the `NOTIFY_SOCKET`.
 2019-08-14 15:51:28 +02:00
gthess
fd415d8833
Merge branch 'master' into show-build-options 2019-08-14 11:45:41 +02:00
W.C.A. Wijngaards
b5a52f8c86 - Generate configlexer with newer flex. 2019-08-14 11:40:35 +02:00
George Thessalonikefs
008813f0a2 - Introduce -V option to print the version number and build options. 
Previously reported build options like linked libs and linked modules
  are now moved from `-h` to `-V` as well for consistency.
- PACKAGE_BUGREPORT now also includes link to GitHub issues.
 2019-08-12 17:52:43 +02:00
W.C.A. Wijngaards
fa506e3cda - Check repinfo in worker_handle_request, if null, drop it. 2019-08-01 16:57:36 +02:00
W.C.A. Wijngaards
df0c844eed - Fix to timeval_add for remaining second in microseconds. 2019-08-01 16:48:41 +02:00
W.C.A. Wijngaards
199e6c586b - Fix to return after failed auth zone http chunk write. 
- Fix to remove unused test for task_probe existance.
 2019-08-01 16:40:52 +02:00
W.C.A. Wijngaards
21f740d313 - Fix #52 #53, fix for example fail program. 2019-08-01 09:34:44 +02:00
W.C.A. Wijngaards
e860d39f54 - For #52 #53, second context does not close logfile override. 2019-08-01 09:15:33 +02:00
W.C.A. Wijngaards
27811ffaa9 - Add hex print of trust anchor pointer to trust anchor file temp 
name to make it unique, for libunbound created multiple contexts.
 2019-07-29 16:51:40 +02:00
W.C.A. Wijngaards
7d5ab2f4de - Add verbose log message when auth zone file is written, at level 4. 2019-07-29 09:25:49 +02:00
W.C.A. Wijngaards
5f5c00203e - Fix question section mismatch in local zone redirect. 2019-07-23 14:01:59 +02:00
W.C.A. Wijngaards
c94e13220b - Fix #49: Set no renegotiation on the SSL context to stop client 
session renegotiation.
 2019-07-19 08:18:06 +02:00
W.C.A. Wijngaards
368386c011 - Fix #48: Unbound returns additional records on NODATA response, 
if minimal-responses is enabled, also the additional for negative
  responses is removed.
 2019-07-12 14:34:35 +02:00
Ralph Dolmans
d5ebc63add - Fix in respip addrtree selection. Absence of addr_tree_init_parents() call 
made it impossible to go up the tree when the matching netmask is too
   specific.
 2019-07-09 14:58:36 +02:00
Ralph Dolmans
d323e1bda8 - Fix for possible assertion failure when answering respip CNAME from cache. 2019-07-05 16:52:03 +02:00
W.C.A. Wijngaards
da46ea24d5 - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf 
when do-not-query-localhost is turned on, or at default on,
  unbound-checkconf prints a warning if it is found in forward-addr or
  stub-addr statements.
 2019-06-25 14:50:49 +02:00
W.C.A. Wijngaards
1aa1facabc - Fix memleak in unit test, reported from the clang 8.0 static analyzer. 2019-06-24 10:53:27 +02:00
W.C.A. Wijngaards
78b2f1cc20 - Fix python dict reference and double free in config. 2019-06-18 17:25:08 +02:00
W.C.A. Wijngaards
164f302011 - Merge PR #6: Python module: support multiple instances 
- Merge PR #5: Python module: define constant MODULE_RESTART_NEXT
- Merge PR #4: Python module: assign something useful to the
  per-query data store 'qdata'
Noted in Changelog.
 2019-06-18 17:11:31 +02:00
W.C.A. Wijngaards
0f3eac4a0e - Added documentation to the ipset files (for doxygen output). 2019-06-18 16:25:11 +02:00
W.C.A. Wijngaards
72738471f1 - make depend 2019-06-18 15:59:10 +02:00
W.C.A. Wijngaards
c1e75c0369 - Fix to make unbound-control with ipset, remove unused variable, 
use unsigned type because of comparison, and assign null instead
  of compare with it.  Remade lex and yacc output.
 2019-06-18 15:57:28 +02:00
W.C.A. Wijngaards
b16c872a60 - PR #28: IPSet module, by Kevin Chou. Created a module to support 
the ipset that could add the domain's ip to a list easily.
  Needs libmnl, and --enable-ipset and config it, doc/README.ipset.md.
- Fix to omit RRSIGs from addition to the ipset.
 2019-06-18 15:38:37 +02:00
W.C.A. Wijngaards
bf2307ca97 - Fix for #24: Fix abort due to scan of auth zone masters using old 
address from previous scan.
 2019-06-17 14:15:36 +02:00
W.C.A. Wijngaards
1ec96d8f07 - Fix #39: In libunbound, leftover logfile is close()d unpredictably. 2019-06-17 12:13:12 +02:00
W.C.A. Wijngaards
3499d3c647 - Master contains version 1.9.3 in development. 2019-06-17 11:42:19 +02:00
W.C.A. Wijngaards
ee06aaaad9 - 1.9.2rc3 release candidate tag. 2019-06-14 08:38:37 +02:00
W.C.A. Wijngaards
af6c5dea43 - Fix another spoolbuf storage code point, in prefetch. 2019-06-12 08:32:45 +02:00
W.C.A. Wijngaards
b57771d42b - 1.9.2rc1 release candidate tag. 2019-06-11 12:46:44 +02:00
W.C.A. Wijngaards
6067ce6d2b - Fix that fixes the Fix that spoolbuf is not used to store tcp 
pipelined response between mesh send and callback end, this fixes
  error cases that did not use the correct spoolbuf.
 2019-06-11 12:15:43 +02:00
W.C.A. Wijngaards
081fd4fdae - 1.9.2rc1 release candidate tag. 2019-06-06 09:32:53 +02:00
W.C.A. Wijngaards
09a0e6ee30 - iana portlist updated. 2019-06-04 12:21:21 +02:00
W.C.A. Wijngaards
a4f4d7b6ba - Fix to guard _OPENBSD_SOURCE from redefinition. 2019-05-29 13:28:03 +02:00
W.C.A. Wijngaards
e2a2dcdfd5 - gitignore config.h.in~. 2019-05-28 11:12:41 +02:00
W.C.A. Wijngaards
14b11384a4 - Fix to define _OPENBSD_SOURCE to get reallocarray on NetBSD. 2019-05-28 11:12:05 +02:00
W.C.A. Wijngaards
a03f0a388e - Fix double file close in tcp pipelined response code. 2019-05-27 11:23:41 +02:00
Wouter Wijngaards
0b77c9d676 - Fix that spoolbuf is not used to store tcp pipelined response 
between mesh send and callback end.
 2019-05-24 09:35:38 +02:00
W.C.A. Wijngaards
1c3ba0cef7 - Note that so-reuseport at extreme load is better turned off, 
otherwise queries are not distributed evenly, on Linux 4.4.x.
 2019-05-20 11:57:09 +02:00
W.C.A. Wijngaards
310396190b - Fix #31: swig 4.0 and python module. 2019-05-16 11:06:01 +02:00
W.C.A. Wijngaards
a08fe8ca60 - Attempt to fix malformed tcp response. 2019-05-13 15:39:59 +02:00
W.C.A. Wijngaards
a95f5fd5cb - Squelch log messages from tcp send about connection reset by peer. 
They can be enabled with verbosity at higher values for diagnosing
  network connectivity issues.
 2019-05-13 10:39:39 +02:00
W.C.A. Wijngaards
a922a19d70 - Revert fix for oss-fuzz, error is in that build script that 
unconditionally includes .o files detected by configure, also
  when the machine architecture uses different LIBOBJS files.
 2019-05-09 17:07:01 +02:00
W.C.A. Wijngaards
a8d0177b36 - Attempt to fix build failure in oss-fuzz 
because of reallocarray.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14648.
Does not omit compile flags from commandline.
 2019-05-08 14:43:56 +02:00
W.C.A. Wijngaards
779b86fb22 - Fix doxygen output error on readme markdown vignettes. 2019-05-07 16:11:15 +02:00