upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-02 04:49:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
4626 commits 23 branches 209 tags 124 MiB
Commit graph

1351 commits

Author SHA1 Message Date
Wouter Wijngaards
e0745813f4 - Set defaults to yes for a number of options to increase speed and 
resilience of the server.  The so-reuseport, harden-below-nxdomain,
  and minimal-responses options are enabled by default.  They used
  to be disabled by default, waiting to make sure they worked.  They
  are enabled by default now, and can be disabled explicitly by
  setting them to "no" in the unbound.conf config file.  The reuseport
  and minimal options increases speed of the server, and should be
  otherwise harmless.  The harden-below-nxdomain option works well
  together with the recently default enabled qname minimisation, this
  causes more fetches to use information from the cache.


git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-27 13:18:19 +00:00
George Thessalonikefs
0171d06aa2 - #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This 
gives access to reply information for the client's communication
  point when the callback is called before the mesh state (modules).
  Changes to C and Python's inplace_callback signatures were also
  necessary.


git-svn-id: file:///svn/unbound/trunk@4870 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-22 10:51:13 +00:00
Wouter Wijngaards
4daf8f5bdb - Fix only misc failure from log-servfail when val-log-level is not 
enabled.


git-svn-id: file:///svn/unbound/trunk@4869 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 14:31:37 +00:00
Wouter Wijngaards
9926fcac4b flex and bison re-run. 
git-svn-id: file:///svn/unbound/trunk@4865 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 07:10:49 +00:00
Wouter Wijngaards
01d8dc2240 - log-local-actions: yes option for unbound.conf that logs all the 
local zone actions, a patch from Saksham Manchanda (Secure64).


git-svn-id: file:///svn/unbound/trunk@4864 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 07:10:09 +00:00
Wouter Wijngaards
4fe427ded2 - log-servfail: yes prints log lines that say why queries are 
returning SERVFAIL to clients.


git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 15:22:05 +00:00
Wouter Wijngaards
b0daf867c2 and the error looks good. 
git-svn-id: file:///svn/unbound/trunk@4860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 14:17:48 +00:00
Wouter Wijngaards
df85836b15 - Fix warning on compile without threads. 
git-svn-id: file:///svn/unbound/trunk@4855 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-16 10:28:11 +00:00
Wouter Wijngaards
256ab3d935 - Patch for stub-no-cache and forward-no-cache options that disable 
caching for the contents of that stub or forward, for when you
  want immediate changes visible, from Bjoern A. Zeeb.


git-svn-id: file:///svn/unbound/trunk@4846 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 12:44:40 +00:00
Wouter Wijngaards
611e37aa2d (On the patch) 
- make depend, yacc, lex, doc, headers.  And log the limit exceeded
  message only on high verbosity, so as to not spam the logs when
  it is busy.


git-svn-id: file:///svn/unbound/trunk@4841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:48:49 +00:00
Wouter Wijngaards
77bd7d228b Fix comment reference to variable name in header file. 
git-svn-id: file:///svn/unbound/trunk@4838 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:03:46 +00:00
Wouter Wijngaards
b97b04a9db yacc and lex. 
git-svn-id: file:///svn/unbound/trunk@4837 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:02:10 +00:00
Wouter Wijngaards
586b811b87 - Patch to implement tcp-connection-limit from Jim Hague (Sinodun). 
This limits the number of simultaneous TCP client connections
  from a nominated netblock.
And a simple test for TCP connection limit.


git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 11:57:42 +00:00
George Thessalonikefs
749d1b9ebc - Expose if a query (or a subquery) was ratelimited (not src IP 
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Tidy pylib tests.


git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 14:00:46 +00:00
Wouter Wijngaards
37e9f5591a - Revert previous change for #4136: because it introduces build 
problems.


git-svn-id: file:///svn/unbound/trunk@4826 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 09:47:53 +00:00
Wouter Wijngaards
d546e7766d - iana port list update. 
git-svn-id: file:///svn/unbound/trunk@4825 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-01 14:07:54 +00:00
Wouter Wijngaards
1f148e632f remove unused variable 
git-svn-id: file:///svn/unbound/trunk@4822 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 13:36:45 +00:00
Wouter Wijngaards
f9c0f359a7 please lint. 
git-svn-id: file:///svn/unbound/trunk@4814 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:14:52 +00:00
Wouter Wijngaards
cc538f4f9f - Please doxygen so it passes. 
git-svn-id: file:///svn/unbound/trunk@4813 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:10:20 +00:00
Wouter Wijngaards
900cd200a2 more comments (from commit messages). 
git-svn-id: file:///svn/unbound/trunk@4812 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:00:57 +00:00
Wouter Wijngaards
26eaf2d1ee And these source files. 
git-svn-id: file:///svn/unbound/trunk@4810 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:48:58 +00:00
Wouter Wijngaards
b7abbd1d72 - Fix mesh.c incompatible pointer pass. 
- yacc and lex.


git-svn-id: file:///svn/unbound/trunk@4808 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:23:58 +00:00
Wouter Wijngaards
e3f08cb2a2 - Implement progressive backoff of TCP idle/keepalive timeout. 
git-svn-id: file:///svn/unbound/trunk@4806 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:20:15 +00:00
Wouter Wijngaards
3dbdde7fed - Add edns-tcp-keepalive and edns-tcp-keepalive timeout options 
and implement option in client responses.


git-svn-id: file:///svn/unbound/trunk@4804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:18:34 +00:00
Wouter Wijngaards
007123ee2c - Sort out test runs when the build directory isn't the project 
root directory.
- Add config tcp-idle-timeout (default 30s). This applies to
  client connections only; the timeout on TCP connections upstream
  is unaffected.


git-svn-id: file:///svn/unbound/trunk@4802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:15:12 +00:00
Wouter Wijngaards
10c085f81d - Fix #4136: insufficiency from mismatch of FLEX capability between 
released tarball and build host.


git-svn-id: file:///svn/unbound/trunk@4801 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-30 09:58:05 +00:00
Wouter Wijngaards
f8e585f308 nicer code, in function. 
git-svn-id: file:///svn/unbound/trunk@4790 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-17 15:07:09 +00:00
Wouter Wijngaards
4bf9d12419 - Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more 
easily changed to adjust default rtt assumptions.


git-svn-id: file:///svn/unbound/trunk@4779 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-12 14:15:03 +00:00
Wouter Wijngaards
15c4dd79f4 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4772 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-06 06:48:44 +00:00
Wouter Wijngaards
2beae211ee - dns64-ignore-aaaa: config option to list domain names for which the 
existing AAAA is ignored and dns64 processing is used on the A
  record.


git-svn-id: file:///svn/unbound/trunk@4762 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-29 12:58:52 +00:00
Wouter Wijngaards
d3ff7a9333 - log port number with err_addr logs. 
git-svn-id: file:///svn/unbound/trunk@4761 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-29 08:34:41 +00:00
Wouter Wijngaards
c15eae814f - Fix that control-use-cert: no works for 127.0.0.1 to disable certs. 
git-svn-id: file:///svn/unbound/trunk@4738 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 09:04:35 +00:00
Wouter Wijngaards
0e72e06886 - Print warning when control-use-cert is used with an IP-address 
in unbound-control, and that TLS is enabled.


git-svn-id: file:///svn/unbound/trunk@4737 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 08:40:30 +00:00
Wouter Wijngaards
9cb404ba5f - Fix that first control-interface determines if TLS is used. Warn 
when IP address interfaces are used without TLS.


git-svn-id: file:///svn/unbound/trunk@4730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-14 08:14:43 +00:00
Wouter Wijngaards
0b0ece9db0 better documentation in header file 
git-svn-id: file:///svn/unbound/trunk@4722 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 10:15:08 +00:00
Wouter Wijngaards
23edc18cac - Rename tls-additional-ports to tls-additional-port, because every 
line adds one port.


git-svn-id: file:///svn/unbound/trunk@4721 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 08:45:57 +00:00
Wouter Wijngaards
7fd32916e8 - #4102 for NSD, but for Unbound. Named unix pipes do not use 
certificate and key files, access can be restricted with file and
  directory permissions.  The option control-use-cert is no longer
  used, and ignored if found in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 07:43:52 +00:00
Wouter Wijngaards
7509bf208e - Rename additional-tls-port to tls-additional-ports. 
The older name is accepted for backwards compatibility.


git-svn-id: file:///svn/unbound/trunk@4703 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-01 08:02:04 +00:00
Wouter Wijngaards
ec34bc9af1 rerun bison. 
git-svn-id: file:///svn/unbound/trunk@4702 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-30 09:35:21 +00:00
Wouter Wijngaards
8d1af17449 - Patch from Syzdek: Add ability to ignore RD bit and treat all 
requests as if the RD bit is set.


git-svn-id: file:///svn/unbound/trunk@4701 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-30 09:33:21 +00:00
Wouter Wijngaards
1a0bd1a150 - tls-win-cert option that adds the system certificate store for 
authenticating DNS-over-TLS connections.  It can be used instead
  of the tls-cert-bundle option, or with it to add certificates.


git-svn-id: file:///svn/unbound/trunk@4698 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 14:15:06 +00:00
Wouter Wijngaards
5a726fb61f - Add routine from getdns to add windows cert store to the SSL_CTX. 
git-svn-id: file:///svn/unbound/trunk@4697 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 13:22:10 +00:00
Wouter Wijngaards
6792d2d036 - Fix windows tcp and tls spin on events. 
git-svn-id: file:///svn/unbound/trunk@4696 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 12:30:34 +00:00
Wouter Wijngaards
d32fb26adb - Fix close events for tcp only. 
git-svn-id: file:///svn/unbound/trunk@4695 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 10:41:24 +00:00
Wouter Wijngaards
d4ba7731ad - Fix that tcp sticky events are removed for closed fd on windows. 
git-svn-id: file:///svn/unbound/trunk@4694 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 10:02:06 +00:00
Wouter Wijngaards
261bf354b7 - Use accept4 to speed up incoming TCP (and TLS) connections, 
available on Linux and FreeBSD.


git-svn-id: file:///svn/unbound/trunk@4686 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-23 13:55:09 +00:00
Ralph Dolmans
50b6dc4b81 - Qname minimisation default changed to yes. 
git-svn-id: file:///svn/unbound/trunk@4685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-17 10:33:19 +00:00
Wouter Wijngaards
ba29a4a078 generated yacc and lex output. 
git-svn-id: file:///svn/unbound/trunk@4684 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-15 07:48:12 +00:00
Wouter Wijngaards
676644d8e8 - Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand. 
git-svn-id: file:///svn/unbound/trunk@4683 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-15 07:30:53 +00:00
Wouter Wijngaards
16b6619dfa - Fix windows to not have sticky TLS events for TCP. 
- Fix read of DNS over TLS length and data in one read call.


git-svn-id: file:///svn/unbound/trunk@4680 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-07 08:31:17 +00:00