upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-25 17:19:42 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
7021 commits 23 branches 209 tags 124 MiB
Commit graph

7021 commits

This branch
This branch
All branches
Author SHA1 Message Date
TCY16
f0989fc754 differentiate between malloc and regional_alloc 2022-09-26 11:49:49 +02:00
TCY16
c9f90def0a swap malloc for regional_alloc and add free 2022-09-26 11:18:58 +02:00
TCY16
57c4f28f20 add happy-flow test 2022-09-21 16:21:48 +02:00
TCY16
d731fa2e21 use correct edns_list attach function 2022-09-21 16:19:38 +02:00
TCY16
dcfcde2ec8 add cached EDE strings 2022-09-21 11:21:33 +02:00
TCY16
5f309d0018 Add caching EDEs 2022-09-01 14:10:14 +02:00
W.C.A. Wijngaards
ec5812a748 - Fix to wait for blocked write on UDP sockets, with a timeout if it 
takes too long the packet is dropped.
 2022-08-31 11:54:11 +02:00
W.C.A. Wijngaards
10a5a5880a - Patch from Vadim Fedorenko that adds MSG_DONTWAIT to receive 
operations, so that instruction reordering does not cause mistakenly
  blocking socket operations.
 2022-08-31 10:11:25 +02:00
W.C.A. Wijngaards
2fa1c17cd9 - Fix to avoid process wide fcntl calls mixed with nonblocking 
operations after a blocked write.
 2022-08-31 10:09:39 +02:00
W.C.A. Wijngaards
e6f878ee71 - Fix #741: systemd socket activation fails on IPv6. 2022-08-22 09:12:08 +02:00
W.C.A. Wijngaards
dc6c04b243 - Fix to log accept error ENFILE and EMFILE errno, but slowly, once 
per 10 seconds. Also log accept failures when no slow down is used.
 2022-08-12 09:54:29 +02:00
W.C.A. Wijngaards
ef57f8bd51 - Fix #734 [FR] enable unbound-checkconf to detect more (basic) 
errors.
 2022-08-05 14:41:05 +02:00
W.C.A. Wijngaards
fbe8e3b0b2 - Fix ratelimit inconsistency, for ip-ratelimits the value is the 
amount allowed, like for ratelimits.
 2022-08-04 11:33:37 +02:00
W.C.A. Wijngaards
1c164ab442 Changelog note for #730 
- Merge #730 from luisdallos: Fix startup failure on Windows 8.1 due
  to unsupported IPV6_USER_MTU socket option being set.
 2022-08-02 16:12:31 +02:00
Wouter Wijngaards
e738ec31ca
Merge pull request #730 from luisdallos/win81-unsup-sockopt-fix 
Fix startup failure on Windows 8.1 due to unsupported IPV6_USER_MTU socket option being set
 2022-08-02 16:12:16 +02:00
W.C.A. Wijngaards
07b073ddb3 - Fix unittest for edns subnet change. 2022-08-02 14:43:57 +02:00
W.C.A. Wijngaards
0f08cc6d55 - Fix edns subnet so that scope 0 answers only match sourcemask 0 
queries for answers from cache if from a query with sourcemask 0.
 2022-08-02 14:13:55 +02:00
Luis Dallos
7d3c6f1c43 Fix startup failure on Windows 8.1 due to unsupported IPV6_USER_MTU socket option being set 
Newer mingw-w64 (starting from 8.0.1) introduces support for `IPV6_USER_MTU` socket
option [1], which is not supported on Windows 8.1 and older [2]. As there is no way
to avoid this socket option from being picked at compile time when targeting older
versions of Windows, check for `setsockopt(..., IPV6_USER_MTU, ...)` failures at
runtime in order to avoid startup failure on those versions of Windows where the
`IPV6_USER_MTU` socket option is unsupported.

[1]: mirror/mingw-w64@e30bff4
[2]: `WSAGetLastError()` returns `WSAENOPROTOOPT` (`Bad protocol option`) error code
 2022-08-01 23:03:24 -04:00
W.C.A. Wijngaards
cd22fdc28d - Fix #728: alloc_reg_obtain() core dump. Stop double 
alloc_reg_release when serviced_create fails.
 2022-08-01 16:45:41 +02:00
W.C.A. Wijngaards
5ae48f85c0 - The code repo continues with 1.16.3. 2022-08-01 15:17:10 +02:00
W.C.A. Wijngaards
cbed768b8f - Tests for ghost domain fixes. 2022-08-01 13:26:22 +02:00
W.C.A. Wijngaards
f6753a0f10 - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699. 2022-08-01 13:24:40 +02:00
George Thessalonikefs
efdd70c7b5 - Cleanup some comments and TODO text. 2022-07-23 19:55:15 +02:00
W.C.A. Wijngaards
f993ffbb07 Changelog note for #718 
- Merge #718: Introduce infra-cache-max-rtt option to config max
  retransmit timeout.
 2022-07-19 15:19:12 +02:00
Wouter Wijngaards
ef9bb0213b
Merge pull request #718 from hunts/make_rtt_max_timeout_configurable 
Introduce infra-cache-max-rtt option to config max retransmit timeout
 2022-07-19 15:15:34 +02:00
George Thessalonikefs
309e23515e - Update documentation for 'outbound-msg-retry:'. 2022-07-19 12:47:01 +02:00
Minghang Chen
249efd4285 Introduce infra-cache-max-rtt option to config max retransmit timeout 
Added the option and let it default to 120 seconds so that it won't change
current behavior.

Related-to #717
 2022-07-16 01:46:18 -07:00
W.C.A. Wijngaards
12cd495d55 - iana portlist update. 2022-07-15 09:20:25 +02:00
W.C.A. Wijngaards
33bd49af81 - Merge PR 714: Avoid treat normal hosts as unresponsive servers. 
And fixup the lock code.
 2022-07-15 08:51:31 +02:00
Wouter Wijngaards
6e50c46102
Merge pull request #714 from hunts/rtt-of-expired-host 
Avoid treat normal hosts as unresponsive servers
 2022-07-15 08:49:51 +02:00
Hunts Chen
88bf803297 Avoid treat normal hosts as unresponsive servers 
This is a fix for issue #713

When infra-keep-probing is on, all hosts with expired entries were treated as
unresponsive servers and thus causing problems (see #713).

This commit change that, so that normal hosts with expired entries are treated
as unknown servers.
 2022-07-14 10:16:13 -07:00
George Thessalonikefs
9e4a17baaf - For windows crosscompile, fix setting the IPV6_MTU socket option 
equivalent (IPV6_USER_MTU); allows cross compiling with latest
  cross-compiler versions.
 2022-07-12 17:17:59 +02:00
W.C.A. Wijngaards
2abd6f7d58 - Fix dname count in sldns parse type descriptor for SVCB and HTTPS. 2022-07-12 13:29:51 +02:00
W.C.A. Wijngaards
7696398231 - Fix verbose EDE error printout. 2022-07-11 13:13:51 +02:00
Wouter Wijngaards
886ffcc155
Merge pull request #711 from NLnetLabs/add-security.md 
add SECURITY.md, based on krill
 2022-07-11 11:37:28 +02:00
W.C.A. Wijngaards
a45ced7739 - This became 1.16.1 on 11 July 2022. 
The code repo continues with version 1.16.2 under development.
 2022-07-11 11:34:54 +02:00
maertsen
125983558b
add SECURITY.md, based on krill 2022-07-05 16:39:04 +02:00
W.C.A. Wijngaards
903538c76e - Tag for 1.16.1rc1 release. 2022-07-04 13:48:56 +02:00
George Thessalonikefs
d447d60fc6 Merge branch 'crrodriguez-IP_BIND_ADDRESS_NO_PORT' 2022-07-04 12:49:00 +02:00
George Thessalonikefs
e5f66b4902 - For #668: relocate and make code more portable. 2022-07-04 12:46:17 +02:00
George Thessalonikefs
0f4c4c1163 Merge branch 'IP_BIND_ADDRESS_NO_PORT' of https://github.com/crrodriguez/unbound into crrodriguez-IP_BIND_ADDRESS_NO_PORT 2022-07-04 11:15:58 +02:00
George Thessalonikefs
eda0c0c194 - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for 
one loop pass'.
 2022-07-04 09:34:45 +02:00
George Thessalonikefs
309b1d368b - Reintroduce documentation and more EDE support for 
val_sigcrypt.c::dnskeyset_verify_rrset_sig.
 2022-07-04 00:06:26 +02:00
George Thessalonikefs
c513119bba - Improve val_sigcrypt.c::algo_needs_missing for one loop pass. 2022-07-03 23:32:18 +02:00
George Thessalonikefs
a30286502c - Fix for correct openssl error when adding windows CA certificates to 
the openssl trust store.
 2022-07-03 22:41:39 +02:00
George Thessalonikefs
317bab9f1d For #660: formatting, less verbose logging, add EDE information. 2022-07-03 22:32:56 +02:00
George Thessalonikefs
2fba248ebe Changelog entry for #660 
- Merge PR #660 from Petr Menšík: Sha1 runtime insecure.
 2022-07-03 22:28:17 +02:00
Yorgos Thessalonikefs
e102aea751
Merge pull request #660 from InfrastructureServices/sha1-runtime-insecure 
Sha1 runtime insecure
 2022-07-03 22:24:58 +02:00
George Thessalonikefs
24cb764d61 - Add missing changelog entries from PR #706. 2022-07-03 22:21:56 +02:00
George Thessalonikefs
cb28bdcdb0 Changelog entry for #671: 
- Merge PR #671 from Petr Menšík: Disable ED25519 and ED448 in FIPS
  mode on openssl3.
 2022-07-03 22:08:47 +02:00