upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
5497 commits 23 branches 209 tags 123 MiB
Commit graph

3636 commits

Author SHA1 Message Date
Ralph Dolmans
26f057d668 Merge branch 'noloader-openssl' 2020-03-02 14:14:25 +01:00
Ralph Dolmans
868ce6372d - Add github reference in changelog (Fix #175, Merge PR #176) 2020-03-02 14:13:20 +01:00
Ralph Dolmans
90040b24ce - Fix link error when OpenSSL is configured with no-engine, thanks noloader. 2020-03-02 14:06:10 +01:00
W.C.A. Wijngaards
4207b58700 - Fix #177: dnstap does not build on macOS. 2020-03-02 13:33:34 +01:00
George Thessalonikefs
c5897dc058 - Fix compiler warning in dns64/dns64.c. 2020-03-02 11:52:33 +01:00
W.C.A. Wijngaards
93189d3083 Changelog note for PR #164 and text for release explanation. 
- Merge PR #164: Framestreams, this branch implements dnstap
  unidirectional connectivity in unbound. This has a number of
  new features.

  The dependency on libfstrm is removed. The fstrm protocol code
  resides in dnstap/dnstap_fstrm.h and dnstap/dnstap_fstrm.c. This
  contains a brief definition of what unbound needs.

  The make unbound-dnstap-socket builds a debug tool,
  unbound-dnstap-socket. It can listen, accept multiple DNSTAP
  streams and print information. Commandline options control it.

  Unbound can reconnect if the unix domain socket file socket is
  closed. This uses exponential backoff after which it uses a
  one second timer to throttle cpu down. There is also support
  to use TCP and TLS for connecting to the log server. There
  are new config options to turn them on, in the dnstap section
  in the man page and example config file. dnstap-ip with IP
  address of server for TCP or TLS use. dnstap-tls to turn
  on TLS. And dnstap-tls-server-name, dnstap-tls-cert-bundle,
  dnstap-tls-client-key-file and dnstap-tls-client-cert-file
  to configure the certificates for server authentication and
  client authentication, or leave at "" to not use that.
 2020-02-28 15:23:54 +01:00
Ralph Dolmans
8f1cb41725 Merge PR #172: Add IBM s390x arch for testing, by noloader. 2020-02-28 11:42:17 +01:00
W.C.A. Wijngaards
d68c1e29b6 Changelog note for PR #173. 
- Merge PR #173: updated makedist.sh for config.guess and
  config.sub and sha256 digest for gpg, by noloader.
 2020-02-28 10:15:57 +01:00
George Thessalonikefs
9efe85fb4c - Merge PR #171: Add additional compilers and platforms to Travis 
testing, by noloader.
 2020-02-27 18:13:22 +01:00
W.C.A. Wijngaards
6f4818ebcb - Fix more undefined sanitizer issues, in respip copy_rrset null 
dname, and in the client_info_compare routine for null memcmp.
 2020-02-27 15:43:27 +01:00
W.C.A. Wijngaards
57bbbfc0e6 - Fix #170: Fix gcc undefined sanitizer signed integer overflow 
warning in signature expiry RFC1982 serial number arithmetic.
 2020-02-27 15:22:35 +01:00
W.C.A. Wijngaards
348e246b66 - Fix #169: Fix warning for daemon/remote.c output may be truncated 
from snprintf.
 2020-02-27 15:08:10 +01:00
W.C.A. Wijngaards
f469049198 - iana portlist updated. 2020-02-26 14:32:14 +01:00
W.C.A. Wijngaards
318d4e91cc - Fix #165: Add prefer-ip4: yesno config option to prefer ipv4 for 
using ipv4 filters, because the hosts ip6 netblock /64 is not owned
  by one operator, and thus reputation is shared.
 2020-02-25 09:55:59 +01:00
George Thessalonikefs
f99dd8f6dc Changelog note for PR #166. 
- Merge PR #166: Fix typo in unbound.service.in, by glitsj16.
 2020-02-24 12:01:20 +01:00
W.C.A. Wijngaards
d2a843b422 - master branch has 1.10.1 version. 2020-02-20 14:42:58 +01:00
W.C.A. Wijngaards
6d7e0d68cf Note tag position in Changelog. 2020-02-20 14:41:39 +01:00
W.C.A. Wijngaards
ec0d6f196e - Updated contrib/unbound_smf23.tar.gz with Solaris SMF service for 
Unbound from Yuri Voinov.
 2020-02-20 09:17:24 +01:00
W.C.A. Wijngaards
6accd3d681 - protect X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS with ifdef for 
different openssl versions.
 2020-02-18 08:31:38 +01:00
W.C.A. Wijngaards
85fd23769f - changelog point where the tag for 1.10.0rc2 release is. 2020-02-17 15:24:29 +01:00
Ralph Dolmans
fe5370a98a - Add respip to supported module-config options in unbound-checkconf. 2020-02-17 13:36:30 +01:00
George Thessalonikefs
4b354d38c1 - Remove unused variable. 2020-02-17 12:56:20 +01:00
W.C.A. Wijngaards
a9b7638f4b Neater changelog 2020-02-17 10:10:44 +01:00
W.C.A. Wijngaards
42fdfd8121 - contrib/drop2rpz: perl script that converts the Spamhaus DROP-List 
in RPZ-Format, contributed by Andreas Schulze.
 2020-02-17 10:09:46 +01:00
W.C.A. Wijngaards
2665ae0414 - Stop unbound-checkconf from insisting that auth-zone and rpz 
zonefiles have to exist.  They can not exist, and download later.
 2020-02-14 07:57:57 +01:00
W.C.A. Wijngaards
77bdbc6e98 - Fix spelling in unbound.conf.5.in. 2020-02-14 07:54:49 +01:00
W.C.A. Wijngaards
00d622bed7 - updated version number to 1.10.0. 2020-02-12 12:51:35 +01:00
W.C.A. Wijngaards
9e193be648 - Fix compile warning when threads disabled. 2020-02-12 11:55:02 +01:00
W.C.A. Wijngaards
7dcfe531e4 - Fix to clean memory leak of respip_addr.lock when ip_tree deleted. 2020-02-12 11:49:26 +01:00
W.C.A. Wijngaards
e965775064 - Fix contrib/fastrpz.patch to apply cleanly. Fix for serve-stale 
fixes, but it does not compile, conflicts with new rpz code.
 2020-02-12 11:29:55 +01:00
W.C.A. Wijngaards
6e13c6f401 - Fix contrib/fastrpz.patch to apply cleanly. 2020-02-12 11:24:59 +01:00
W.C.A. Wijngaards
2916cfb3b0 - Fix with libnettle make test with dsa disabled. 2020-02-12 11:15:24 +01:00
George Thessalonikefs
adda4f6ace - Fix use after free on log-identity after a reload; Fixes #163. 2020-02-10 13:56:22 +01:00
George Thessalonikefs
c316b1d7d5 - Document 'ub_result.was_ratelimited' in libunbound. 2020-02-10 10:31:47 +01:00
W.C.A. Wijngaards
aee3706f66 - Fix to put braces around empty if body when threading is disabled. 2020-02-06 15:33:02 +01:00
George Thessalonikefs
8e135d5f59 - Document in unbound.conf manpage that configuration clauses can be repeated in the configuration file. 2020-02-06 14:39:58 +01:00
George Thessalonikefs
5d6358b66d - Cleaner code for mesh_serve_expired_lookup. 2020-02-06 14:38:01 +01:00
W.C.A. Wijngaards
4089147351 - Fix to lock and release once in mesh_serve_expired_lookup. 2020-02-06 14:01:45 +01:00
W.C.A. Wijngaards
18ea62e369 - Fix to lock zone before adding rpz qname trigger. 2020-02-06 12:22:15 +01:00
W.C.A. Wijngaards
d000523b00 - Fix to create and destroy rpz_lock in auth_zones structure. 2020-02-06 11:51:17 +01:00
George Thessalonikefs
0758d29324 - Fix num_reply_states and num_detached_states counting with 
serve_expired_callback.
 2020-02-06 11:44:48 +01:00
W.C.A. Wijngaards
af7abd4dfd - Fix num_reply_addr counting in mesh and tcp drop due to size 
after serve_stale commit.
 2020-02-06 11:09:30 +01:00
gthess
f7fe95ad7b
Serve stale (#159) 
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
 2020-02-05 14:20:27 +01:00
Ralph Dolmans
8c88ab4747 - Add assertion to please static analyzer 2020-02-03 16:44:21 +01:00
W.C.A. Wijngaards
7495b25f94 - Fix fclose on error in TLS session ticket code. 2020-01-31 07:49:14 +01:00
Ralph Dolmans
810862dc65 - Stop working on socket when socket() call returns an error. 
- Check malloc return values in TLS session ticket code
 2020-01-30 19:15:58 +01:00
W.C.A. Wijngaards
a4244e79ca - Add getentropy_freebsd.o to Makefile dependencies. 2020-01-30 16:15:51 +01:00
W.C.A. Wijngaards
833021d84d - Add build rule for ipset to Makefile 2020-01-30 16:12:39 +01:00
Ralph Dolmans
2c459443da - Add changelog entry for RPZ merge 2020-01-30 16:04:27 +01:00
Ralph Dolmans
d69ba6f39f - Add changelog entry for memory leak fix 2020-01-30 15:47:49 +01:00