upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-25 00:59:37 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
6336 commits 23 branches 209 tags 123 MiB
Commit graph

206 commits

Author SHA1 Message Date
W.C.A. Wijngaards
ea4f1ee8a6 - zonemd-check: yesno option, default no, enables the processing 
of ZONEMD records for that zone.
 2021-05-27 14:20:53 +02:00
George Thessalonikefs
ff6b527184 - Fix for #411, #439, #469: Reset the DNS message ID when moving queries 
between TCP streams.
- Refactor for uniform way to produce random DNS message IDs.
 2021-05-19 15:07:32 +02:00
W.C.A. Wijngaards
39a557833d - Fix for zonemd, do not reject insecure result from trust anchor 
validation step in dnssec chain of trust.
 2021-02-23 17:09:40 +01:00
W.C.A. Wijngaards
c802298fca - Fix for zonemd, that domain-insecure zones work without dnssec. 2021-02-23 17:03:23 +01:00
W.C.A. Wijngaards
131d38f8f2 - Fix for zonemd, that nxdomain for the chain of trust is allowed 
for island zones, it is treates as an insecure zone for verification.
 2021-02-22 17:32:40 +01:00
W.C.A. Wijngaards
b7ffa6618c zonemd, review comments, fix no anchor lookup if none. 2021-02-12 09:16:22 +01:00
W.C.A. Wijngaards
8490508559 zonemd, review comments, stop null dnskey, skip dnssec for insecure islands. 2021-02-12 08:33:03 +01:00
W.C.A. Wijngaards
6965cef5e8 zonemd, review comments, check qname for zonemd dnskey lookup. 2021-02-11 17:33:10 +01:00
W.C.A. Wijngaards
e0f17c2443 zonemd, review comments, stop callback for a deleted zone. 2021-02-11 17:27:59 +01:00
W.C.A. Wijngaards
d3b6e1679c zonemd, review comments, indentation. 2021-02-11 16:05:28 +01:00
W.C.A. Wijngaards
9a972aa5b2 zonemd, review comments, compare list size for rrsigtype add. 2021-02-10 16:38:39 +01:00
W.C.A. Wijngaards
12171e3124 zonemd, review comments, compare list size correctly. 2021-02-10 16:34:24 +01:00
W.C.A. Wijngaards
3d2692d6bc zonemd, review comments, add comments to unit test, scope verbose output. 2021-02-10 15:30:23 +01:00
W.C.A. Wijngaards
b7a633fdc0 Merge branch 'master' into zonemd 2021-02-04 16:08:11 +01:00
Willem Toorop
b7864b0c48 Merge branch 'master' into features/padding 2021-01-22 15:13:01 +01:00
W.C.A. Wijngaards
20ff80c5bb zonemd, fix to detect duplicate zonemd scheme and algo RRs. 2021-01-22 14:36:53 +01:00
Willem Toorop
48ecf95108 Merge branch 'master' into features/padding 2021-01-22 10:29:50 +01:00
George Thessalonikefs
9056613a79 - Fix TTL of SOA record for negative answers (localzone data and 
authzone) to be the minimum of the SOA TTL and the SOA.MINIMUM.
 2021-01-19 15:55:55 +01:00
W.C.A. Wijngaards
3e03e2c26d - For #391: use struct timeval* start_time for callback information. 2021-01-08 09:47:46 +01:00
Frank Riley
e3abd772f7 Add start_time to reply callbacks so modules can compute the response time. 2021-01-01 15:44:21 -07:00
George Thessalonikefs
08968baec1 - Fix error cases when udp-connect is set and send() returns an error 
(modified patch from Xin Li @delphij).
 2020-12-16 17:11:41 +01:00
W.C.A. Wijngaards
3ab188ea21 zonemd, please doxygen 
zonemd, fix clang analyzer warning about null nsec3 salt pointer access.
 2020-10-29 08:40:22 +01:00
W.C.A. Wijngaards
94ac072f9b zonemd, zonemd-reject-absence config for an auth-zone rejects the zone if 
no ZONEMD is present.
 2020-10-26 15:37:43 +01:00
W.C.A. Wijngaards
165b048e07 zonemd, zonemd-permissive-mode: yes logs the failure but does not block 
the zone after a ZONEMD verification failure.
 2020-10-23 14:33:04 +02:00
W.C.A. Wijngaards
c72ca35f08 unbound-control auth_zone_reload sets zone to nonexpired and 
also updates the xfr soa values from the new zonefile contents.
 2020-10-23 11:44:28 +02:00
W.C.A. Wijngaards
40e713e121 zonemd, unlock xfr lock for auth zone verify of zonemd for mesh new callback. 2020-10-23 10:14:21 +02:00
W.C.A. Wijngaards
1cb7d5a194 zonemd, unit test for auth zone zonemd axfr 
zonemd, zonemds are checked after zone transfer.
 2020-10-23 09:12:51 +02:00
W.C.A. Wijngaards
54d8473ec6 zonemd, pass module stack as function argument. 2020-10-22 13:31:37 +02:00
W.C.A. Wijngaards
6ea1ae17f7 zonemd, fix to harden against failure in pickup zonemd lookups. 2020-10-22 13:20:00 +02:00
W.C.A. Wijngaards
e09873e0c8 zonemd, zonemds are checked at start 2020-10-22 12:10:46 +02:00
W.C.A. Wijngaards
4ba45c34ed zonemd, result of dnssec failures includes rrset and dnssec bogus reason. 2020-10-21 16:18:28 +02:00
W.C.A. Wijngaards
7ac4eb229d zonemd, unit tests for verifying DNSKEY with trust anchor failures. 2020-10-21 15:58:47 +02:00
W.C.A. Wijngaards
1245457967 zonemd, fix that zonemd absence in unsigned zone does not invalidate zone. 2020-10-21 11:56:41 +02:00
W.C.A. Wijngaards
e8d29f973d zonemd, fix that dnssec denial does not invalidate zone. 
zonemd, unit test of nsec and nsec3 denial.
 2020-10-21 11:51:30 +02:00
W.C.A. Wijngaards
f675077502 zonemd, unit test improved debug output and unit test dnssec verify zonemd 2020-10-20 16:49:49 +02:00
W.C.A. Wijngaards
0a238280b9 zonemd, unit test for dnssec verify, implement test. 2020-10-15 12:27:22 +02:00
W.C.A. Wijngaards
e6aab488c8 zonemd, fix anchor unlock. 
zonemd, unit test for dnssec verify function test harness.
 2020-10-15 09:17:57 +02:00
W.C.A. Wijngaards
cf6e1b6ea9 Merge branch 'master' into zonemd 2020-10-15 08:34:32 +02:00
W.C.A. Wijngaards
e35b1dfbd5 zonemd, nsec3 rr iterator is type int, like other nsec3 code. 2020-10-14 14:52:32 +02:00
W.C.A. Wijngaards
42d7cdb7d5 zonemd, region freed, and qstate not used when not in a query, and nsec 
and nsec3 bitmap checks.
 2020-10-14 14:46:59 +02:00
W.C.A. Wijngaards
890c8deb0f - Free up auth zone parse region after use for lookup of host 2020-10-14 14:20:16 +02:00
W.C.A. Wijngaards
22e82765f9 zonemd, dnssec verification routines. 2020-10-14 13:34:50 +02:00
W.C.A. Wijngaards
efc01c928c Formatting. 2020-10-09 16:47:49 +02:00
W.C.A. Wijngaards
754e6f1349 zonemd, routine to check zonemd hash if present 2020-10-09 16:46:20 +02:00
W.C.A. Wijngaards
0af62aba53 zonemd, defines for scheme and algorithm. 2020-10-09 15:14:27 +02:00
W.C.A. Wijngaards
cdf6544b46 zonemd, unit test, succeeds at verifying examples of zonemd draft-12. 2020-10-09 12:18:25 +02:00
W.C.A. Wijngaards
eb4932a463 zonemd, digest code calls, secalgo openssl sha384 and sha512. 2020-10-09 11:19:31 +02:00
W.C.A. Wijngaards
3163a93121 zonemd, loop over zone and canonicalize data, test call in unit test. 2020-10-06 17:07:24 +02:00
W.C.A. Wijngaards
b7b5952c3a - Fix lock dependency cycle in rpz zone config setup. 2020-07-17 17:15:55 +02:00
George Thessalonikefs
8a87fc6ae7 - Fix #220: auth-zone section in config may lead to segfault. 2020-04-15 17:57:02 +02:00