unbound

mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-05 14:29:37 -05:00

Author	SHA1	Message	Date
Wouter Wijngaards	daab92e954	- algorithm compromise protection using the algorithms signalled in the DS record. Also, trust anchors, DLV, and RFC5011 receive this, and thus, if you have multiple algorithms in your trust-anchor-file then it will now behave different than before. Also, 5011 rollover for algorithms needs to be double-signature until the old algorithm is revoked. git-svn-id: file:///svn/unbound/trunk@2358 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-21 14:19:55 +00:00
Wouter Wijngaards	f378068b32	please lint git-svn-id: file:///svn/unbound/trunk@2357 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-20 16:08:52 +00:00
Wouter Wijngaards	e9582487d9	Work on validation of multiple algorithms. git-svn-id: file:///svn/unbound/trunk@2356 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-20 15:58:12 +00:00
Wouter Wijngaards	c4c8a65ff2	- fix validation in this case: CNAME to nodata for co-hosted opt-in NSEC3 insecure delegation, was bogus, fixed to be insecure. git-svn-id: file:///svn/unbound/trunk@2355 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-17 10:05:56 +00:00
Wouter Wijngaards	f8796f94f4	squelch 'tcp connect: bla' errors in logfile. git-svn-id: file:///svn/unbound/trunk@2354 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-17 09:10:46 +00:00
Wouter Wijngaards	ecb9db442d	- Fix our 'BDS' license (typo reported by Xavier Belanger). git-svn-id: file:///svn/unbound/trunk@2353 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-16 16:18:30 +00:00
Wouter Wijngaards	bc7ac1981a	Fix compile on WinXP. git-svn-id: file:///svn/unbound/trunk@2352 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-15 14:44:04 +00:00
Wouter Wijngaards	57f309ab1d	- iana portlist updated. - review changes for unbound-anchor. git-svn-id: file:///svn/unbound/trunk@2351 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-10 15:01:39 +00:00
Wouter Wijngaards	dd8e44ac37	- feature typetransparent localzone, does not block other RR types. git-svn-id: file:///svn/unbound/trunk@2350 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-02 12:39:33 +00:00
Wouter Wijngaards	9997255caa	- Fix bug#338: print address when socket creation fails. git-svn-id: file:///svn/unbound/trunk@2349 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-12-01 09:59:39 +00:00
Wouter Wijngaards	79f4ca6a28	Fix storage of noEDNS in the infra cache. iana portlist updated. git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-30 12:55:48 +00:00
Wouter Wijngaards	78cc3d8ae1	harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. Default off (for now), as some older software that gives nxdomain for ENT would be incompatible. But that would only happen in the reverse tree, and such software (nonDNSSEC) may go out of style, so in the future a default yes could be possible. git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-18 08:49:15 +00:00
Wouter Wijngaards	5e62750fcd	- make test output nicer. git-svn-id: file:///svn/unbound/trunk@2346 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-17 15:50:52 +00:00
Wouter Wijngaards	289f13bc25	- implement draft-vixie-dnsext-resimprove-00, we stop on NXDOMAIN. git-svn-id: file:///svn/unbound/trunk@2345 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-17 10:02:34 +00:00
Wouter Wijngaards	8c5b3d3c8f	- so-sndbuf option for very busy servers, a bit like so-rcvbuf. git-svn-id: file:///svn/unbound/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-15 14:30:34 +00:00
Wouter Wijngaards	e430e8cef8	errno filtering better: sendto and sendmsg filtered in the same way. Also ENETDOWN and ENETUNREACH for tcp (already had EHOSTDOWN and EHOSTUNREACH). git-svn-id: file:///svn/unbound/trunk@2343 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-15 14:00:20 +00:00
Wouter Wijngaards	95da05c4bc	iana portlist updated. git-svn-id: file:///svn/unbound/trunk@2342 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-15 13:16:09 +00:00
Wouter Wijngaards	c9dbc9907a	- silence 'tcp connect: broken pipe' at low verbosity. git-svn-id: file:///svn/unbound/trunk@2341 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-15 13:15:23 +00:00
Wouter Wijngaards	6976832ffe	unbound-anchor portable with openssl 0.9.7. git-svn-id: file:///svn/unbound/trunk@2340 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-09 16:05:02 +00:00
Wouter Wijngaards	2fe65ab2b5	- Be lenient and accept imgw.pl malformed packet (like BIND). git-svn-id: file:///svn/unbound/trunk@2339 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-08 18:32:55 +00:00
Wouter Wijngaards	4e8ae039fa	move to version 1.4.8 git-svn-id: file:///svn/unbound/trunk@2338 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-08 13:22:54 +00:00
Wouter Wijngaards	c140638659	Test DS and CNAME in cache. git-svn-id: file:///svn/unbound/trunk@2336 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-05 15:45:53 +00:00
Wouter Wijngaards	0b30fca935	- do not synthesize a CNAME message from cache for qtype DS. git-svn-id: file:///svn/unbound/trunk@2335 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-05 15:29:50 +00:00
Wouter Wijngaards	f41a92daf5	detect nc version git-svn-id: file:///svn/unbound/trunk@2334 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-04 15:20:11 +00:00
Wouter Wijngaards	93e8ff1bb0	Fix test to work on ubuntu. git-svn-id: file:///svn/unbound/trunk@2333 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-04 15:16:13 +00:00
Wouter Wijngaards	04e45f98d6	nicer failure git-svn-id: file:///svn/unbound/trunk@2332 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-04 12:35:39 +00:00
Wouter Wijngaards	08c580bb32	better fix git-svn-id: file:///svn/unbound/trunk@2331 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-04 12:26:25 +00:00
Wouter Wijngaards	d748bca7de	use central entropy to seed threads. git-svn-id: file:///svn/unbound/trunk@2330 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-04 11:38:23 +00:00
Wouter Wijngaards	a3a1119f54	- Change the rtt used to probe EDNS-timeout hosts to 1000 msec. git-svn-id: file:///svn/unbound/trunk@2329 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-03 09:06:49 +00:00
Wouter Wijngaards	74505ea3f2	Tested on win7. git-svn-id: file:///svn/unbound/trunk@2328 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-02 12:38:15 +00:00
Wouter Wijngaards	98c4161631	code review. git-svn-id: file:///svn/unbound/trunk@2327 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-02 10:03:18 +00:00
Wouter Wijngaards	4bc34509fa	updated ldns tarball git-svn-id: file:///svn/unbound/trunk@2325 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-01 15:00:35 +00:00
Wouter Wijngaards	f625bfdd15	ldns tarball updated and build script for test updated. git-svn-id: file:///svn/unbound/trunk@2324 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-01 12:37:30 +00:00
Wouter Wijngaards	93ffd44608	GOST code enabled by default (RFC 5933) git-svn-id: file:///svn/unbound/trunk@2323 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-11-01 11:24:07 +00:00
Wouter Wijngaards	fcf1157fa4	- Configure detects libev-4.00. git-svn-id: file:///svn/unbound/trunk@2322 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-29 15:03:20 +00:00
Wouter Wijngaards	488aee467a	- Fix validation failure for parent and child on same server with an insecure childzone and a CNAME from parent to child. git-svn-id: file:///svn/unbound/trunk@2321 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-29 13:10:26 +00:00
Wouter Wijngaards	ba340cd07a	- Fix uninit value in dump_infra print. git-svn-id: file:///svn/unbound/trunk@2320 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-29 10:20:40 +00:00
Wouter Wijngaards	1eb0eea744	newer ldns for outofdir build git-svn-id: file:///svn/unbound/trunk@2319 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-27 14:16:34 +00:00
Wouter Wijngaards	25ea68e730	allocfix git-svn-id: file:///svn/unbound/trunk@2318 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-27 14:02:20 +00:00
Wouter Wijngaards	881245fa9d	Fix compile in alloccheck case. git-svn-id: file:///svn/unbound/trunk@2317 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-27 13:59:17 +00:00
Wouter Wijngaards	d7a6b3f914	Fix. git-svn-id: file:///svn/unbound/trunk@2316 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-27 12:23:23 +00:00
Wouter Wijngaards	f794810a5f	Remove warnings on NetBSD. git-svn-id: file:///svn/unbound/trunk@2315 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-27 12:21:44 +00:00
Wouter Wijngaards	758a42643a	nicer output from debug commands git-svn-id: file:///svn/unbound/trunk@2314 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-27 08:09:22 +00:00
Wouter Wijngaards	fdfa7b2793	subtract 1000 so it is more than the RTT_BAND git-svn-id: file:///svn/unbound/trunk@2313 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 15:41:23 +00:00
Wouter Wijngaards	a6b302f117	fix for top reuse git-svn-id: file:///svn/unbound/trunk@2312 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 15:28:01 +00:00
Wouter Wijngaards	498cc8ab88	- Change of timeout code. No more lost and backoff in blockage. At 12sec timeout (and at least 2x lost before) one probe per IP is allowed only. At 120sec, the IP is blocked. After 15min, a 120sec entry has a single retry packet. git-svn-id: file:///svn/unbound/trunk@2311 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 15:02:08 +00:00
Wouter Wijngaards	a032ac2f61	neater API for unbound-control lookup. git-svn-id: file:///svn/unbound/trunk@2310 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 13:43:28 +00:00
Wouter Wijngaards	a72fe210ca	remove lost and backoff values. git-svn-id: file:///svn/unbound/trunk@2309 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 13:30:37 +00:00
Wouter Wijngaards	573ce5a4de	- no timeout backoff if meanwhile a query succeeded. git-svn-id: file:///svn/unbound/trunk@2308 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 12:15:00 +00:00
Wouter Wijngaards	4dca799fbf	tarball contains ldns 1.6.7rc1 git-svn-id: file:///svn/unbound/trunk@2307 be551aaa-1e26-0410-a405-d3ace91eadb9	2010-10-26 09:59:20 +00:00

1 2 3 4 5 ...

2307 commits