upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-27 18:20:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
7804 commits 23 branches 209 tags 124 MiB
Commit graph

128 commits

Author SHA1 Message Date
Yorgos Thessalonikefs
2e398d51ba
Fix cache update when serve expired is used (#1143) 
- Fix cache update when serve expired is used in order to not evict
  still usable expired records. Modules are forbidden to update the
  cache if their answer is DNSSEC unchecked or bogus and a valid
  (expired) entry already exists. Bogus replies from the validator are
  also discarded in favor of existing (expired) valid replies.

- serve-expired-ttl-reset should try to keep expired records in the
  cache in case they are reset.
 2024-09-24 16:47:04 +02:00
Wouter Wijngaards
ad21dbd1c2
Cookie secret file (#1090) 
* - cookie-secret-file, define struct.

* - cookie-secret-file, add config option, create, read and delete struct.

* - cookie-secret-file, check cookie secrets for cookie validation.

* - cookie-secret-file, unbound-control add_cookie_secret, drop_cookie_secret,
  activate_cookie_secret and print_cookie_secrets.

* - cookie-secret-file, test and fix locks, renew writes a fresh cookie,
  staging cookies get a fresh cookie and spelling in error message.

* - cookie-secret-file, remove unused variable from cookie file unit test.

* Remove unshare and faketime dependencies for cookie_file test; documentation nits.

---------

Co-authored-by: Yorgos Thessalonikefs <yorgos@nlnetlabs.nl>
 2024-08-02 13:32:08 +02:00
Yorgos Thessalonikefs
f5a2160ba3 - Fix unused variable warning on compilation with no thread support. 2024-05-27 14:56:52 +02:00
Yorgos Thessalonikefs
6f030e9672
Proper parent identification for dynamically entered local zones (#1076) 
- Fix #1059: Intermittent DNS blocking failure with local-zone and
  always_nxdomain. Addition of local_zones dynamically via
  unbound-control was not finding the zone's parent correctly.
 2024-05-24 15:21:40 +02:00
George Thessalonikefs
bab5ad623c - For #762: Introduce stat counters for downstream DNS Cookies per 
thread and total: num.queries_cookie_valid, num.queries_cookie_client,
  num.queries.cookie_invalid.
 2023-08-08 15:19:56 +02:00
George Thessalonikefs
4ccb613396 Merge branch 'master' into features/downstream-cookies 2023-08-05 20:37:48 +02:00
George Thessalonikefs
fbc0256825 - For #762: Cleaner manpage text and uniform use of the term DNS 
Cookies.
 2023-08-05 20:00:37 +02:00
George Thessalonikefs
8580a74b37 - For #762: Introduce rpl testing for DNS Cookies. 2023-08-05 19:50:57 +02:00
George Thessalonikefs
702f485587 - For #762: relocate EDNS cookie code to util/edns and introduce unit 
tests.
 2023-08-04 14:26:08 +02:00
George Thessalonikefs
08e11284fb - For #911: Try to trim EXTRA-TEXT (and LDNS_EDE_OTHER options 
altogether) before giving up on attaching EDE options.
 2023-08-01 09:55:28 +02:00
George Thessalonikefs
7c9177095f - Remove unused LDNS function check for GOST Engine unloading. 2022-06-20 16:27:15 +02:00
W.C.A. Wijngaards
7d70e3c861 - Fix initialisation errors reported by gcc sanitizer. 2021-09-10 14:30:57 +02:00
George Thessalonikefs
ab318a8b95 - Add unittest for tcp_reuse functions. 2021-07-24 01:15:00 +02:00
W.C.A. Wijngaards
b7a633fdc0 Merge branch 'master' into zonemd 2021-02-04 16:08:11 +01:00
W.C.A. Wijngaards
c32c9a0ae2 zonemd, zonemd unit test in own file. 2020-10-21 12:04:53 +02:00
W.C.A. Wijngaards
1245457967 zonemd, fix that zonemd absence in unsigned zone does not invalidate zone. 2020-10-21 11:56:41 +02:00
W.C.A. Wijngaards
e8d29f973d zonemd, fix that dnssec denial does not invalidate zone. 
zonemd, unit test of nsec and nsec3 denial.
 2020-10-21 11:51:30 +02:00
W.C.A. Wijngaards
2eb39abbaf - Fix that reuse_tcp_close_oldest sets item_on_lru_list to 0. 
- Fix to add assertions to reuse_tcp_select_id and unit test.
- Fix that if no tcp buffers then pending tcp query stops.
 2020-10-21 09:49:55 +02:00
W.C.A. Wijngaards
f675077502 zonemd, unit test improved debug output and unit test dnssec verify zonemd 2020-10-20 16:49:49 +02:00
W.C.A. Wijngaards
89618ff9ba zonemd, unit test more zones. 2020-10-19 16:26:22 +02:00
W.C.A. Wijngaards
a525284421 zonemd, remove debug. 2020-10-16 16:15:35 +02:00
W.C.A. Wijngaards
ceb0214b7d zonemd, unit tests for dnssec verify 2020-10-16 16:09:13 +02:00
W.C.A. Wijngaards
0a238280b9 zonemd, unit test for dnssec verify, implement test. 2020-10-15 12:27:22 +02:00
W.C.A. Wijngaards
e6aab488c8 zonemd, fix anchor unlock. 
zonemd, unit test for dnssec verify function test harness.
 2020-10-15 09:17:57 +02:00
W.C.A. Wijngaards
b20fefb858 zonemd, unit test, reorder test order 2020-10-09 14:03:13 +02:00
W.C.A. Wijngaards
6a8ed4bb15 zonemd, unit test, tests the check routine and reason for failure. 2020-10-09 13:59:44 +02:00
W.C.A. Wijngaards
2f7908b669 zonemd, unit test, note example origins. 2020-10-09 12:20:50 +02:00
W.C.A. Wijngaards
cdf6544b46 zonemd, unit test, succeeds at verifying examples of zonemd draft-12. 2020-10-09 12:18:25 +02:00
W.C.A. Wijngaards
3163a93121 zonemd, loop over zone and canonicalize data, test call in unit test. 2020-10-06 17:07:24 +02:00
George Thessalonikefs
584c2cf804 - Fix tests for new rrset-roundrobin default. 2020-04-21 22:02:56 +02:00
Jeffrey Walton
dafe849c5b
Add libevent testing to Travis 2020-03-17 12:33:08 -04:00
Ralph Dolmans
90040b24ce - Fix link error when OpenSSL is configured with no-engine, thanks noloader. 2020-03-02 14:06:10 +01:00
Jeffrey Walton
f5f83bc025 Fix link error when OpenSSL is configured with no-engine (GH #175) 2020-02-29 19:27:44 -05:00
W.C.A. Wijngaards
216747bb17 - Fix lock type for memory purify log lock deletion. 2019-12-04 09:44:31 +01:00
W.C.A. Wijngaards
d8809c672a - Fix Weak Entropy Used For Nettle, 
reported by X41 D-Sec.
 2019-11-20 11:28:53 +01:00
Wouter Wijngaards
4bf9d12419 - Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more 
easily changed to adjust default rtt assumptions.


git-svn-id: file:///svn/unbound/trunk@4779 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-12 14:15:03 +00:00
Wouter Wijngaards
4e2bafafef valgrind more unit tests. 
git-svn-id: file:///svn/unbound/trunk@4667 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-01 12:12:21 +00:00
Ralph Dolmans
e13088d911 - Fix #2031: Double included headers 
git-svn-id: file:///svn/unbound/trunk@4388 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-25 13:30:32 +00:00
Wouter Wijngaards
4e66465e22 - Fix to unlock view in view test. 
git-svn-id: file:///svn/unbound/trunk@4234 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 11:16:31 +00:00
Wouter Wijngaards
20f8dafcd4 - Fix #1301: memory leak in respip and tests. 
git-svn-id: file:///svn/unbound/trunk@4228 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:27:49 +00:00
Wouter Wijngaards
71fba3d221 - first services/authzone check in, it compiles and reads and writes 
zonefiles.


git-svn-id: file:///svn/unbound/trunk@4178 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-23 09:32:40 +00:00
Wouter Wijngaards
17dd3370fc - (for 1.6.3:) unbound.h exports the shm stats structures. They use 
type long long and no ifdefs, and ub_ before the typenames.


git-svn-id: file:///svn/unbound/trunk@4117 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 12:47:29 +00:00
Ralph Dolmans
7e59ef65e6 Unlock view in respip unit test 
git-svn-id: file:///svn/unbound/trunk@4098 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-07 08:57:05 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
fdbac8e51d lint for unit test 
git-svn-id: file:///svn/unbound/trunk@4042 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-08 08:51:43 +00:00
Wouter Wijngaards
cae9809e11 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
3514843818 - Fix compile with openssl 1.1.0 with api=1.1.0. 
git-svn-id: file:///svn/unbound/trunk@3844 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 09:59:09 +00:00
Wouter Wijngaards
230ef2110b - Improve threadsafety for openssl 0.9.8 ecdsa dnssec signatures. 
git-svn-id: file:///svn/unbound/trunk@3766 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-07 13:02:02 +00:00
Wouter Wijngaards
46d476b0c2 define-tag and local-zone-tag configuration. 
git-svn-id: file:///svn/unbound/trunk@3708 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-21 09:49:02 +00:00