upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-24 00:29:58 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
2343 commits 23 branches 209 tags 123 MiB
Commit graph

384 commits

Author SHA1 Message Date
Wouter Wijngaards
c2299a3c5f version 3 for common.sh 
git-svn-id: file:///svn/unbound/trunk@2395 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-23 15:17:49 +00:00
Wouter Wijngaards
d8928e1b19 common.sh to version 2. 
git-svn-id: file:///svn/unbound/trunk@2392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-18 16:11:21 +00:00
Wouter Wijngaards
1550bc65f3 use common functionality file. 
git-svn-id: file:///svn/unbound/trunk@2390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-11 12:30:42 +00:00
Wouter Wijngaards
87296966ae - Added regression test for addition of a .net DS to the root, and 
cache effects with different TTL for glue and DNSKEY.


git-svn-id: file:///svn/unbound/trunk@2387 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-07 12:07:46 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
790cb51775 - Fix prefetch so it does not get stuck on old server for moved names. 
git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-13 10:13:01 +00:00
Wouter Wijngaards
4a746142cf - Fix insecure CNAME sequence marked as secure, reported by Bert Hubert. 
git-svn-id: file:///svn/unbound/trunk@2369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-11 12:32:29 +00:00
Wouter Wijngaards
003658eea0 test and cleanup. 
git-svn-id: file:///svn/unbound/trunk@2360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-22 09:41:38 +00:00
Wouter Wijngaards
c4c8a65ff2 - fix validation in this case: CNAME to nodata for co-hosted opt-in 
NSEC3 insecure delegation, was bogus, fixed to be insecure.


git-svn-id: file:///svn/unbound/trunk@2355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-17 10:05:56 +00:00
Wouter Wijngaards
dd8e44ac37 - feature typetransparent localzone, does not block other RR types. 
git-svn-id: file:///svn/unbound/trunk@2350 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-02 12:39:33 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00
Wouter Wijngaards
78cc3d8ae1 harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
Wouter Wijngaards
289f13bc25 - implement draft-vixie-dnsext-resimprove-00, we stop on NXDOMAIN. 
git-svn-id: file:///svn/unbound/trunk@2345 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-17 10:02:34 +00:00
Wouter Wijngaards
2fe65ab2b5 - Be lenient and accept imgw.pl malformed packet (like BIND). 
git-svn-id: file:///svn/unbound/trunk@2339 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-08 18:32:55 +00:00
Wouter Wijngaards
c140638659 Test DS and CNAME in cache. 
git-svn-id: file:///svn/unbound/trunk@2336 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-05 15:45:53 +00:00
Wouter Wijngaards
f41a92daf5 detect nc version 
git-svn-id: file:///svn/unbound/trunk@2334 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-04 15:20:11 +00:00
Wouter Wijngaards
93e8ff1bb0 Fix test to work on ubuntu. 
git-svn-id: file:///svn/unbound/trunk@2333 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-04 15:16:13 +00:00
Wouter Wijngaards
488aee467a - Fix validation failure for parent and child on same server with an 
insecure childzone and a CNAME from parent to child.


git-svn-id: file:///svn/unbound/trunk@2321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-29 13:10:26 +00:00
Wouter Wijngaards
8cf752e577 Uses curl to check if the icann cert file has been updated on the website. 
git-svn-id: file:///svn/unbound/trunk@2297 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-18 13:25:30 +00:00
Wouter Wijngaards
a0b58301ca unbound-anchor works on vista. 
git-svn-id: file:///svn/unbound/trunk@2292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-14 14:55:38 +00:00
Wouter Wijngaards
c60c5d188e less verbose on output. 
git-svn-id: file:///svn/unbound/trunk@2290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-14 09:18:20 +00:00
Wouter Wijngaards
46345c0809 - Fix bug when DLV below a trust-anchor that uses NSEC3 optout where 
the zone has a secure delegation hosted on the same server did not
         verify as secure (it was insecure by mistake).


git-svn-id: file:///svn/unbound/trunk@2275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:21:19 +00:00
Wouter Wijngaards
236d4cea25 Fix out-of-order XML element parse, zone name check and newline filter for unbound-anchor XML parse. 
git-svn-id: file:///svn/unbound/trunk@2274 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 15:01:49 +00:00
Wouter Wijngaards
cb978ff7be test update and nicer text output for unbound-anchor 
git-svn-id: file:///svn/unbound/trunk@2273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 13:55:16 +00:00
Wouter Wijngaards
00ae321bf4 fix test 
git-svn-id: file:///svn/unbound/trunk@2272 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 12:26:20 +00:00
Wouter Wijngaards
f3a4dad2c8 no override time, works on Minix and not needed for the tpkg. 
git-svn-id: file:///svn/unbound/trunk@2271 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 12:14:05 +00:00
Wouter Wijngaards
b3e4186cf2 Test for unbound-anchor. 
git-svn-id: file:///svn/unbound/trunk@2268 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 11:31:35 +00:00
Wouter Wijngaards
05c403f805 Updated net check. 
git-svn-id: file:///svn/unbound/trunk@2260 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-28 12:51:05 +00:00
Wouter Wijngaards
b7f7a772fb unbound-anchor work, -P option and test tpkg. 
git-svn-id: file:///svn/unbound/trunk@2259 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-28 12:30:38 +00:00
Wouter Wijngaards
9f44640fa7 - bug#329: in example.conf show correct ipv4 link-local 169.254/16. 
git-svn-id: file:///svn/unbound/trunk@2244 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-24 07:04:37 +00:00
Wouter Wijngaards
8b274b92aa - Algorithm rollover operational reality intrudes, for trust-anchor, 
5011-store, and DLV-anchor if one key matches it's good enough.


git-svn-id: file:///svn/unbound/trunk@2235 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-16 13:40:26 +00:00
Wouter Wijngaards
c3f180eebb - Abide RFC5155 section 9.2: no AD flag for replies with NSEC3 optout. 
git-svn-id: file:///svn/unbound/trunk@2233 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-15 07:08:09 +00:00
Wouter Wijngaards
cf19a76bf6 Test that AD flags and NSEC3 optout does what we say. 
git-svn-id: file:///svn/unbound/trunk@2230 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-14 09:11:19 +00:00
Wouter Wijngaards
95db04a64c - bug#327: Fix for cannot access stub zones until the root is primed. 
git-svn-id: file:///svn/unbound/trunk@2228 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-13 09:25:52 +00:00
Wouter Wijngaards
a34fe6ea8a - make test more portable (make longtest needs special support programs, 
ldns, wdiff, dig, port-numbers).
  - moved not-always-portable testbound scripts to names .crpl.



git-svn-id: file:///svn/unbound/trunk@2214 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-16 12:59:37 +00:00
Wouter Wijngaards
b701d70147 - Return NXDOMAIN after chain of CNAMEs ends at name-not-found. 
git-svn-id: file:///svn/unbound/trunk@2208 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-05 14:31:52 +00:00
Wouter Wijngaards
7963430481 turn of valgrind debug 
git-svn-id: file:///svn/unbound/trunk@2207 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-04 19:02:25 +00:00
Wouter Wijngaards
6df29c32e4 - iana portlist updated. 
- Fix validation of qtype DNSKEY when a key-cache entry exists but
  no rr-cache entry is used (it expired or prefetch), it then goes
  back up to the DS or trust-anchor to validate the DNSKEY.


git-svn-id: file:///svn/unbound/trunk@2189 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-09 15:00:35 +00:00
Wouter Wijngaards
3c79358ff7 testbound uses UTC timezone. 
git-svn-id: file:///svn/unbound/trunk@2186 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-06 10:44:03 +00:00
Wouter Wijngaards
14f178e486 Fix for lame reply corner case. 
git-svn-id: file:///svn/unbound/trunk@2168 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-25 08:32:51 +00:00
Wouter Wijngaards
60035e31a2 test to make sure unbound deals with capitals in signer name like bind does 
git-svn-id: file:///svn/unbound/trunk@2167 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-24 07:06:17 +00:00
Wouter Wijngaards
ecbeaed66c - Fix assertion failure reported by Kai Storbeck from XS4ALL, the 
assertion was wrong.


git-svn-id: file:///svn/unbound/trunk@2155 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-16 15:05:22 +00:00
Wouter Wijngaards
1f9172697c more last resort lookup options. 
git-svn-id: file:///svn/unbound/trunk@2139 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-03 15:06:50 +00:00
Wouter Wijngaards
66b70b945b more more testcases 
git-svn-id: file:///svn/unbound/trunk@2136 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-03 10:07:58 +00:00
Wouter Wijngaards
ba4ff40d9d - Fix storage of negative parent glue if that last resort fails. 
git-svn-id: file:///svn/unbound/trunk@2127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-01 09:33:25 +00:00
Wouter Wijngaards
8360afa15f - fix parentside from cache to be marked dispreferred for bad names. 
git-svn-id: file:///svn/unbound/trunk@2125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 14:39:45 +00:00
Wouter Wijngaards
153fd4a7f6 - parentside names are dispreferred but not said to be dnssec-lame. 
- parentside check for cached newname glue.


git-svn-id: file:///svn/unbound/trunk@2122 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 13:03:58 +00:00
Wouter Wijngaards
6ef058f9b0 - Fix AD flag handling, it could in some cases mistakenly copy the AD 
flag from upstream servers.


git-svn-id: file:///svn/unbound/trunk@2120 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 07:36:01 +00:00
Wouter Wijngaards
6d77834955 parent-child misconfigured data lookup. 
git-svn-id: file:///svn/unbound/trunk@2119 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-28 14:15:29 +00:00
Wouter Wijngaards
4cc482e222 - Fix resolution for domains like safesvc.com.cn. If the iterator 
can not recurse further and it finds the delegation in a state
         where it would otherwise have rejected it outhand if so received
         from a cache lookup, then it can try to ask higherup (with loop
         protection).
       - Fix comments in iter_utils:dp_is_useless.


git-svn-id: file:///svn/unbound/trunk@2114 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-19 12:59:27 +00:00