upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-26 08:32:58 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
5862 commits 24 branches 209 tags 131 MiB
Commit graph

5862 commits

This branch
This branch
All branches
Author SHA1 Message Date
gthess
db945f018b
Merge pull request #313 from NLnetLabs/edns-string 
Replace edns-client-tag with edns-client-string option
 2020-11-23 17:34:42 +01:00
George Thessalonikefs
b0247b6e93 Merge branch 'master' into edns-string 2020-11-23 16:58:30 +01:00
George Thessalonikefs
201b949689 Merge branch 'master' into edns-string 2020-11-23 16:35:58 +01:00
George Thessalonikefs
2d184f7505 - Update manpage. 2020-11-23 16:32:00 +01:00
W.C.A. Wijngaards
62152e0493 Fix writepid for retvalue 0. 2020-11-23 14:17:58 +01:00
W.C.A. Wijngaards
19f8f4d9f9 Further fix for CVE-2020-28935, so the chown is omitted when the pidfile 
fails due to a symlink.
 2020-11-23 13:48:04 +01:00
W.C.A. Wijngaards
ad38783297 - Fix for #303 CVE-2020-28935 : Fix that symlink does not interfere 
with chown of pidfile.
 2020-11-23 13:42:11 +01:00
W.C.A. Wijngaards
9cc8aa1ddf - Option to toggle udp-connect, default is enabled. 2020-11-23 11:06:53 +01:00
W.C.A. Wijngaards
cca128b871 + - Fix #347: IP_DONTFRAG broken on Apple xcode 12.2. 2020-11-23 09:56:01 +01:00
W.C.A. Wijngaards
097e530c49 Changelog notes for #350 and #351 
- Merge #351 from dvzrv: Add AF_NETLINK to set of allowed socket
  address families.
- Fix #350: with the AF_NETLINK permission, to fix 1.12.0 error:
  failed to list interfaces: getifaddrs: Address family not
  supported by protocol.
 2020-11-23 08:58:41 +01:00
Wouter Wijngaards
dbd5ea4f37
Merge pull request #351 from dvzrv/issues/350 
Add AF_NETLINK to set of allowed socket address families
 2020-11-23 08:57:23 +01:00
David Runge
c48f01445e
Add AF_NETLINK to set of allowed socket address families 
contrib/unbound{,_portable}.service.in:
With the changes introduced in f6a527c25a
it is now necessary to also allow access to the AF_NETLINK socket
address family to be able to get information from interfaces.

Without the AF_NETLINK address family the systemd service errors with:

```
error: failed to list interfaces: getifaddrs: Address family not
supported by protocol
```

Fixes #350
 2020-11-21 14:10:39 +01:00
W.C.A. Wijngaards
b891fe113c - Retry for interfaces with unused ports if possible. 2020-11-12 13:36:37 +01:00
W.C.A. Wijngaards
48b40b305a Changelog note. 2020-11-12 12:28:10 +01:00
W.C.A. Wijngaards
26aa550bd2 - Fix to connect() to UDP destinations, default turned on, 
this lowers vulnerability to ICMP side channels.
 2020-11-12 12:27:41 +01:00
Ralph Dolmans
a4342ceb3a Merge branch 'master' into edns-string 2020-11-11 11:38:06 +01:00
Ralph Dolmans
946ed23f73 Merge branch 'master' into edns-string 2020-11-11 11:37:32 +01:00
W.C.A. Wijngaards
5385e2e094 - Fix #343: Fail to build --with-libnghttp2 with error: 'SSIZE_MAX' 
undeclared.
 2020-11-10 15:31:20 +01:00
W.C.A. Wijngaards
7977e1c4cb - Fix memory leak after fix for possible memory leak failure. 2020-11-10 13:51:56 +01:00
W.C.A. Wijngaards
3926035f30 Changelog note for #341 and layout change. 
- Fix #341: fixing a possible memory leak.
 2020-11-10 08:07:28 +01:00
Wouter Wijngaards
140ab1f701
Merge pull request #341 from ihsinme/patch-1 
fixing a possible memory leak.
 2020-11-10 08:06:46 +01:00
ihsinme
18226f1c17
fixing a possible memory leak. 2020-11-09 18:41:22 +03:00
W.C.A. Wijngaards
d104727c91 - In man page note that tls-cert-bundle is read before permission 
drop and chroot.
 2020-10-27 09:00:26 +01:00
W.C.A. Wijngaards
4990dae87d - Fix that minimal-responses does not remove addresses from a priming 
query response.
 2020-10-22 09:26:27 +02:00
W.C.A. Wijngaards
ca39cfd6ae - Fix #333: Unbound Segmentation Fault w/ log_info Functions From 
Python Mod.
 2020-10-22 08:47:40 +02:00
George Thessalonikefs
0272889c44 - Fix #320: potential memory corruption due to size miscomputation upton 
custom region alloc init.
 2020-10-21 17:44:04 +02:00
George Thessalonikefs
7c39cbc0a9 - Fix #327: net/if.h check fails on some darwin versions; contribution by 
Joshua Root.
 2020-10-21 16:45:18 +02:00
W.C.A. Wijngaards
ee3f26bb3d Add verbosity to debug occasional missing q1-10.example.net, from timer. 2020-10-21 10:56:51 +02:00
W.C.A. Wijngaards
725d4822e7 Changelog note for #228 
- Merge PR #228 : infra-keep-probing option to probe hosts that are
  down.  Add infra-keep-probing: yes option. Hosts that are down are
  probed more frequently.
  With the option turned on, it probes about every 120 seconds,
  eventually after exponential backoff, and that keeps that way. If
  traffic keeps up for the domain. It probes with one at a time, eg.
  one query is allowed to probe, other queries within that 120 second
  interval are turned away.
 2020-10-21 10:35:47 +02:00
Wouter Wijngaards
5ec15bc333
Merge pull request #228 from NLnetLabs/infra-keep-probing 
infra-keep-probing option to probe hosts that are down
 2020-10-21 10:34:40 +02:00
W.C.A. Wijngaards
37354c8927 Merge branch 'master' into infra-keep-probing 2020-10-21 10:13:10 +02:00
George Thessalonikefs
6fdc822aa0 - Changelog entry for PR #324: Add modern X.509v3 extensions to 
unbound-control TLS certificates, by James Renken.
 2020-10-19 15:10:17 +02:00
George Thessalonikefs
736a298eac Merge branch 'master' of github.com:NLnetLabs/unbound 2020-10-19 15:04:15 +02:00
George Thessalonikefs
2527ad1d46 Merge branch 'jprenken-master'; fixes #316. 2020-10-19 15:01:15 +02:00
George Thessalonikefs
50178d764a - Fix for attaching the X509v3 extensions to the client certificate. 2020-10-19 15:00:30 +02:00
W.C.A. Wijngaards
61922ce9da - Clean the fix for out of order TCP processing limits on number 
of queries.  It was tested to work.
 2020-10-19 13:39:02 +02:00
W.C.A. Wijngaards
531ce9e85c Fixup for clear of tcp handler structure. 2020-10-19 13:36:53 +02:00
W.C.A. Wijngaards
68c57314c4 - Fix to set the tcp handler event toggle flag back to default when 
the handler structure is reused.
 2020-10-19 12:55:43 +02:00
George Thessalonikefs
59d15ac9cf Merge branch 'master' of https://github.com/jprenken/unbound into jprenken-master 2020-10-19 12:18:55 +02:00
Ralph Dolmans
8861fb17fa Changelog entry for local-zone out of chunk regional allocation 2020-10-19 11:22:38 +02:00
Ralph Dolmans
a433a25ba3
Merge pull request #329 from NLnetLabs/nochunk-region 
local-zone regional allocations outside of chunk
 2020-10-19 11:21:30 +02:00
W.C.A. Wijngaards
ab9d732796 - Log ip address when http session recv fails, eg. due to tls fail. 2020-10-19 11:06:55 +02:00
W.C.A. Wijngaards
ca6e8ec6c2 Unit test for doh downstream notls. 2020-10-19 10:59:41 +02:00
W.C.A. Wijngaards
5cd2d10fe5 - Fix dnstap test to wait for log timer to see if queries are logged. 2020-10-19 10:43:35 +02:00
W.C.A. Wijngaards
c8390e390d - Fix python documentation warning on functions.rst inplace_cb_reply. 2020-10-19 10:41:03 +02:00
W.C.A. Wijngaards
a3e2bfbb0c - Fix #330: [Feature request] Add unencrypted DNS over HTTPS support. 
This adds the option http-notls-downstream: yesno to change that,
  and the dohclient test code has the -n option.
 2020-10-19 10:24:03 +02:00
W.C.A. Wijngaards
ba074c8bef - Fix memory leak of https port string when reading config. 2020-10-19 10:14:40 +02:00
W.C.A. Wijngaards
46607e7c0c - Fix that http settings have colon in set_option, for 
http-endpoint, http-max-streams, http-query-buffer-size,
  http-response-buffer-size, and http-nodelay.
 2020-10-19 09:06:33 +02:00
W.C.A. Wijngaards
f81d0ac047 - Fix that the out of order TCP processing does not limit the 
number of outstanding queries over a connection.
 2020-10-16 17:26:58 +02:00
Ralph Dolmans
1d11f470df - local-zone regional allocations outside of chunk to prevent large 
chunk per small local-zone allocations.
 2020-10-16 17:12:08 +02:00