upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-02 12:59:36 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
5849 commits 23 branches 209 tags 124 MiB
Commit graph

5849 commits

This branch
This branch
All branches
Author SHA1 Message Date
Wouter Wijngaards
dbd5ea4f37
Merge pull request #351 from dvzrv/issues/350 
Add AF_NETLINK to set of allowed socket address families
 2020-11-23 08:57:23 +01:00
David Runge
c48f01445e
Add AF_NETLINK to set of allowed socket address families 
contrib/unbound{,_portable}.service.in:
With the changes introduced in f6a527c25a
it is now necessary to also allow access to the AF_NETLINK socket
address family to be able to get information from interfaces.

Without the AF_NETLINK address family the systemd service errors with:

```
error: failed to list interfaces: getifaddrs: Address family not
supported by protocol
```

Fixes #350
 2020-11-21 14:10:39 +01:00
W.C.A. Wijngaards
b891fe113c - Retry for interfaces with unused ports if possible. 2020-11-12 13:36:37 +01:00
W.C.A. Wijngaards
48b40b305a Changelog note. 2020-11-12 12:28:10 +01:00
W.C.A. Wijngaards
26aa550bd2 - Fix to connect() to UDP destinations, default turned on, 
this lowers vulnerability to ICMP side channels.
 2020-11-12 12:27:41 +01:00
W.C.A. Wijngaards
5385e2e094 - Fix #343: Fail to build --with-libnghttp2 with error: 'SSIZE_MAX' 
undeclared.
 2020-11-10 15:31:20 +01:00
W.C.A. Wijngaards
7977e1c4cb - Fix memory leak after fix for possible memory leak failure. 2020-11-10 13:51:56 +01:00
W.C.A. Wijngaards
3926035f30 Changelog note for #341 and layout change. 
- Fix #341: fixing a possible memory leak.
 2020-11-10 08:07:28 +01:00
Wouter Wijngaards
140ab1f701
Merge pull request #341 from ihsinme/patch-1 
fixing a possible memory leak.
 2020-11-10 08:06:46 +01:00
ihsinme
18226f1c17
fixing a possible memory leak. 2020-11-09 18:41:22 +03:00
W.C.A. Wijngaards
d104727c91 - In man page note that tls-cert-bundle is read before permission 
drop and chroot.
 2020-10-27 09:00:26 +01:00
W.C.A. Wijngaards
4990dae87d - Fix that minimal-responses does not remove addresses from a priming 
query response.
 2020-10-22 09:26:27 +02:00
W.C.A. Wijngaards
ca39cfd6ae - Fix #333: Unbound Segmentation Fault w/ log_info Functions From 
Python Mod.
 2020-10-22 08:47:40 +02:00
George Thessalonikefs
0272889c44 - Fix #320: potential memory corruption due to size miscomputation upton 
custom region alloc init.
 2020-10-21 17:44:04 +02:00
George Thessalonikefs
7c39cbc0a9 - Fix #327: net/if.h check fails on some darwin versions; contribution by 
Joshua Root.
 2020-10-21 16:45:18 +02:00
W.C.A. Wijngaards
ee3f26bb3d Add verbosity to debug occasional missing q1-10.example.net, from timer. 2020-10-21 10:56:51 +02:00
W.C.A. Wijngaards
725d4822e7 Changelog note for #228 
- Merge PR #228 : infra-keep-probing option to probe hosts that are
  down.  Add infra-keep-probing: yes option. Hosts that are down are
  probed more frequently.
  With the option turned on, it probes about every 120 seconds,
  eventually after exponential backoff, and that keeps that way. If
  traffic keeps up for the domain. It probes with one at a time, eg.
  one query is allowed to probe, other queries within that 120 second
  interval are turned away.
 2020-10-21 10:35:47 +02:00
Wouter Wijngaards
5ec15bc333
Merge pull request #228 from NLnetLabs/infra-keep-probing 
infra-keep-probing option to probe hosts that are down
 2020-10-21 10:34:40 +02:00
W.C.A. Wijngaards
37354c8927 Merge branch 'master' into infra-keep-probing 2020-10-21 10:13:10 +02:00
George Thessalonikefs
6fdc822aa0 - Changelog entry for PR #324: Add modern X.509v3 extensions to 
unbound-control TLS certificates, by James Renken.
 2020-10-19 15:10:17 +02:00
George Thessalonikefs
736a298eac Merge branch 'master' of github.com:NLnetLabs/unbound 2020-10-19 15:04:15 +02:00
George Thessalonikefs
2527ad1d46 Merge branch 'jprenken-master'; fixes #316. 2020-10-19 15:01:15 +02:00
George Thessalonikefs
50178d764a - Fix for attaching the X509v3 extensions to the client certificate. 2020-10-19 15:00:30 +02:00
W.C.A. Wijngaards
61922ce9da - Clean the fix for out of order TCP processing limits on number 
of queries.  It was tested to work.
 2020-10-19 13:39:02 +02:00
W.C.A. Wijngaards
531ce9e85c Fixup for clear of tcp handler structure. 2020-10-19 13:36:53 +02:00
W.C.A. Wijngaards
68c57314c4 - Fix to set the tcp handler event toggle flag back to default when 
the handler structure is reused.
 2020-10-19 12:55:43 +02:00
George Thessalonikefs
59d15ac9cf Merge branch 'master' of https://github.com/jprenken/unbound into jprenken-master 2020-10-19 12:18:55 +02:00
Ralph Dolmans
8861fb17fa Changelog entry for local-zone out of chunk regional allocation 2020-10-19 11:22:38 +02:00
Ralph Dolmans
a433a25ba3
Merge pull request #329 from NLnetLabs/nochunk-region 
local-zone regional allocations outside of chunk
 2020-10-19 11:21:30 +02:00
W.C.A. Wijngaards
ab9d732796 - Log ip address when http session recv fails, eg. due to tls fail. 2020-10-19 11:06:55 +02:00
W.C.A. Wijngaards
ca6e8ec6c2 Unit test for doh downstream notls. 2020-10-19 10:59:41 +02:00
W.C.A. Wijngaards
5cd2d10fe5 - Fix dnstap test to wait for log timer to see if queries are logged. 2020-10-19 10:43:35 +02:00
W.C.A. Wijngaards
c8390e390d - Fix python documentation warning on functions.rst inplace_cb_reply. 2020-10-19 10:41:03 +02:00
W.C.A. Wijngaards
a3e2bfbb0c - Fix #330: [Feature request] Add unencrypted DNS over HTTPS support. 
This adds the option http-notls-downstream: yesno to change that,
  and the dohclient test code has the -n option.
 2020-10-19 10:24:03 +02:00
W.C.A. Wijngaards
ba074c8bef - Fix memory leak of https port string when reading config. 2020-10-19 10:14:40 +02:00
W.C.A. Wijngaards
46607e7c0c - Fix that http settings have colon in set_option, for 
http-endpoint, http-max-streams, http-query-buffer-size,
  http-response-buffer-size, and http-nodelay.
 2020-10-19 09:06:33 +02:00
W.C.A. Wijngaards
f81d0ac047 - Fix that the out of order TCP processing does not limit the 
number of outstanding queries over a connection.
 2020-10-16 17:26:58 +02:00
Ralph Dolmans
1d11f470df - local-zone regional allocations outside of chunk to prevent large 
chunk per small local-zone allocations.
 2020-10-16 17:12:08 +02:00
George Thessalonikefs
d55084ea9e - Fix that if there are reply callbacks for the given rcode, those 
are called per reply and a new message created if that was modified
  by the call.
- Pass the comm_reply information to the inplace_cb_reply* functions
  during the mesh state and update the documentation on that.
 2020-10-15 17:17:59 +02:00
W.C.A. Wijngaards
edc8f363a7 Changelog note for #326 and changes: 
- DoH content length, simplify code, remove declaration after
  statement and fix cast warning.
 2020-10-15 08:22:42 +02:00
Wouter Wijngaards
7a7d7caf6a
Merge pull request #326 from netblue30/master 
DoH: implement content-length header field
 2020-10-15 08:19:37 +02:00
netblue30
b1a50720e5 DoH: implement content-lenght header field 2020-10-14 11:32:14 -04:00
W.C.A. Wijngaards
890c8deb0f - Free up auth zone parse region after use for lookup of host 2020-10-14 14:20:16 +02:00
W.C.A. Wijngaards
f0c19be06f - Fix that if there are on reply callbacks, those are called per 
reply and a new message created if that was modified by the call.
 2020-10-14 14:03:04 +02:00
W.C.A. Wijngaards
a9e13f3590 - Fix that if there are on reply callbacks, those are called per 
reply and a new message created if that was modified by the call.
 2020-10-14 14:01:47 +02:00
W.C.A. Wijngaards
72032a95bb - Fix for python reply callback to see mesh state reply_list member, 
it only removes it briefly for the commpoint call so that it does
  not drop it and attempt to modify the reply list during reply.
 2020-10-14 10:06:28 +02:00
W.C.A. Wijngaards
79a8db1ee1 - Fix #323: unbound testsuite fails on mock build in systemd-nspawn 
if systemd support is build.
 2020-10-13 08:28:59 +02:00
James Renken
e6c560e5c9
Add modern X.509v3 extensions to unbound-control TLS certificates 2020-10-12 22:06:20 -07:00
W.C.A. Wijngaards
fca884a7e6 - Fix warning in libnss compile, nss_buf2dsa is not used without DSA. 2020-10-09 14:31:55 +02:00
W.C.A. Wijngaards
795a33c6e5 - Fix dnstap socket and the chroot not applied properly to the dnstap 
socket path.
 2020-10-09 08:57:23 +02:00