unbound

mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-29 17:59:27 -05:00

Author	SHA1	Message	Date
W.C.A. Wijngaards	edcef18274	Merge branch 'master' of git://github.com/PMunch/unbound into PMunch-master Fixed conflicts in Makefile.in and configparser.y	2020-05-15 14:52:53 +02:00
Ralph Dolmans	99fd6cf711	- Cache ECS answers with longest scope of CNAME chain.	2020-05-15 13:13:49 +02:00
Ralph Dolmans	4fc7b434d7	- Document new DoH configuration options.	2020-05-13 13:05:40 +02:00
Ralph Dolmans	8fc2320b5c	- Add mem.http.query_buffer and mem.http.response_buffer stats - Add configurable limits for http-query-buffer-size and http-response-buffer-size - Make http endpoint, max_streams, and TCP_NODELAY for HTTP sockets configurable.	2020-05-12 18:12:19 +02:00
Ralph Dolmans	723980fe77	- Add query.num.https counter	2020-05-08 12:14:17 +02:00
Ralph Dolmans	e7601870cc	Merge branch 'master' into doh	2020-05-07 17:12:26 +02:00
Ralph Dolmans	8dae5d9f81	- Add DNS-over-HTTPS support	2020-05-07 16:36:26 +02:00
George Thessalonikefs	1bd4dbf302	- New include directive 'include-toplevel:'. It closes the previous clause (if any) and requires that all included files explicitly start a clause.	2020-04-29 11:23:12 +02:00
George Thessalonikefs	a269db3828	- Explicitly use 'rrset-roundrobin: no' for test cases.	2020-04-22 19:27:20 +02:00
W.C.A. Wijngaards	055f5e68a3	Add infra-keep-probing: yes option. Hosts that are down are probed more frequently.	2020-04-22 16:29:06 +02:00
George Thessalonikefs	584c2cf804	- Fix tests for new rrset-roundrobin default.	2020-04-21 22:02:56 +02:00
W.C.A. Wijngaards	6320776b25	Changelog note for PR #225 - Merge #225 from akhait: KSK-2010 has been revoked. It removes the KSK-2010 from the default list in unbound-anchor, now that the revocation period is over. KSK-2017 is the only trust anchor in the shipped default now.	2020-04-21 15:11:02 +02:00
George Thessalonikefs	226d66ca92	- Change default value for 'rrset-roundrobin' to yes.	2020-04-21 12:58:48 +02:00
W.C.A. Wijngaards	cee3098e87	- Remove unneeded was_mesh_reply check.	2020-04-20 15:35:45 +02:00
W.C.A. Wijngaards	00323b71d7	- Fix for count of reply states in the mesh.	2020-04-20 14:24:05 +02:00
W.C.A. Wijngaards	5151190dbc	Fix that it is --enable-rpath, for #222 .	2020-04-20 10:08:08 +02:00
W.C.A. Wijngaards	52ebdd85da	- Fix #222 : --with-rpath, fails to rpath python lib.	2020-04-20 10:04:34 +02:00
George Thessalonikefs	0c10453546	- Document SNI support in unbound-anchor.8.in.	2020-04-17 11:47:36 +02:00
George Thessalonikefs	a4dcd5eb91	- Update Changelog for PR #221 .	2020-04-17 11:41:47 +02:00
gthess	334498d9b9	Merge pull request #221 from NLnetLabs/more-SNI More SNI support on TLS	2020-04-17 11:37:47 +02:00
George Thessalonikefs	e430e95d30	- Add SNI support on more TLS connections (fixes #193 ). - Add SNI support to unbound-anchor.	2020-04-16 14:39:05 +02:00
George Thessalonikefs	e18ab07c62	- Add doxygen documentation for DSCP.	2020-04-16 13:58:35 +02:00
W.C.A. Wijngaards	963cfb58be	- Fix for posix shell syntax for trap in run_msg.sh test script.	2020-04-16 13:17:33 +02:00
W.C.A. Wijngaards	3cd288a9f2	- Fix for posix shell syntax for trap in nsd-control-setup.	2020-04-16 13:14:50 +02:00
W.C.A. Wijngaards	2193d06af6	Merge branch 'master' of github.com:NLnetLabs/unbound	2020-04-16 11:48:53 +02:00
W.C.A. Wijngaards	eed157d36e	- Fix help return code in unbound-control-setup script.	2020-04-16 11:47:27 +02:00
George Thessalonikefs	8a87fc6ae7	- Fix #220 : auth-zone section in config may lead to segfault.	2020-04-15 17:57:02 +02:00
Willem Toorop	2c8a91c2f9	pad-queries default yes	2020-04-14 08:52:51 +02:00
Willem Toorop	60e53d36b7	Merge branch 'master' into features/padding	2020-04-14 08:28:41 +02:00
W.C.A. Wijngaards	c7f1d2d889	- Merge PR #214 from gearnode: unbound-control-setup recreate certificates. With the -r option the certificates are created again, without it, only the files that do not exist are created.	2020-04-07 13:49:25 +02:00
Ralph Dolmans	03a37d1ff6	- Keep track of number of timeouts. Use this counter to determine if capsforid fallback should be started.	2020-04-06 18:00:06 +02:00
George Thessalonikefs	33a2613a49	- More documentation for redis-expire-records option.	2020-04-06 13:46:45 +02:00
Willem Toorop	551e476a17	Merge branch 'master' into features/padding	2020-04-02 18:54:18 +02:00
Willem Toorop	4f78b37c61	Down- and upstream padding a la RFC7830 & RFC8467	2020-04-02 18:34:03 +02:00
George Thessalonikefs	a601fd6d3c	Merge branch 'Talkabout-redis-expire-records'	2020-04-01 17:24:07 +02:00
George Thessalonikefs	557a309f9d	- Changes for PR #206 (formatting and remade lex and yacc output).	2020-04-01 17:14:58 +02:00
George Thessalonikefs	20aa782ce5	Merge branch 'master' of https://github.com/Talkabout/unbound into Talkabout-redis-expire-records	2020-04-01 16:04:48 +02:00
Talkabout	c25eb2c4c8	implemented review feedback renamed option from 'redis-set-ttl' to 'redis-expire-records'	2020-03-31 23:10:45 +02:00
Talkabout	b130a8b459	added option 'redis-set-ttl' to define whether ttl should be added to redis records added check for redis command 'setex' when initializing redis connection updated documentation minor improvements to previous changes	2020-03-31 12:47:13 +02:00
W.C.A. Wijngaards	94e92b197a	- Merge PR #208 : Fix uncached CLIENT_RESPONSE'es on stateful transports.	2020-03-30 14:55:00 +02:00
W.C.A. Wijngaards	65e7be5190	nroff fix for dash.	2020-03-30 10:29:15 +02:00
W.C.A. Wijngaards	e9e2871f18	- Merge PR #207 : Clarify if-automatic listens on 0.0.0.0 and ::	2020-03-30 10:27:44 +02:00
Willem Toorop	d8dcee4c71	Clarify if-automatic listens on 0.0.0.0 and ::	2020-03-30 10:07:25 +02:00
W.C.A. Wijngaards	8dc35cfce3	Changelog note for PR #203 . - Merge PR #203 from noloader: Update README-Travis.md with current procedures.	2020-03-27 16:07:03 +01:00
Ralph Dolmans	51593d47ac	Make unbound-control error returned on missing domain name more user friendly.	2020-03-27 11:27:12 +01:00
Ralph Dolmans	e4eb76a5f3	- Fix RPZ concurrency issue when using auth_zone_reload.	2020-03-26 19:11:57 +01:00
George Thessalonikefs	40ed82f522	Changelog entry for #201 - Merge PR #201 from noloader: Fix OpenSSL cross-compaile warnings.	2020-03-25 14:10:27 +01:00
W.C.A. Wijngaards	2889be5e90	- Travis fix for ios by omitting tools from install.	2020-03-24 10:23:00 +01:00
W.C.A. Wijngaards	7459b1dceb	- Fixes for #200 : example.conf note and set_value for ip-dscp.	2020-03-24 09:36:27 +01:00
W.C.A. Wijngaards	bcdc13514a	- Fixes on #200 . and rerun autoconf.	2020-03-24 09:32:04 +01:00
W.C.A. Wijngaards	311f163aed	Changelog for #200 and bison, flex regenerate. - Merge PR #200 from yarikk: add ip-dscp option to specify the DSCP tag for outgoing packets.	2020-03-24 09:25:05 +01:00
Yaroslav K	c0118410a2	add ip-dscp configuration option for setting IP DiffServ codepoint (DSCP, previously TOS) on sockets	2020-03-23 19:37:43 +00:00
W.C.A. Wijngaards	cca5cfc88f	- Fix compile on Solaris for unbound-checkconf.	2020-03-23 17:26:06 +01:00
George Thessalonikefs	ce7fd591c6	- Changelog note for PR #198 : Declare lz_enter_rr_into_zone() static, it's only used in this file, by fobser.	2020-03-20 13:06:43 +01:00
W.C.A. Wijngaards	e8aab3f3f4	Changelog note for #197 . - Merge PR #197 from fobser: Make log_ident_revert_to_default() a proper prototype.	2020-03-20 11:54:57 +01:00
Ralph Dolmans	7fa2b19389	- Fix .travis.yml error, missing 'env' option.	2020-03-19 18:11:22 +01:00
Ralph Dolmans	5f7d73ae88	- Merge PR#194: Add libevent testing to Travis, by Jeffrey Walton.	2020-03-19 17:59:08 +01:00
Ralph Dolmans	d0ee8c1cbd	Add changelog entries for PR#134.	2020-03-19 17:37:27 +01:00
Ralph Dolmans	2c03028fa3	- Fix #158 : open tls-session-ticket-keys as binary, for Windows. By Daisuke HIGASHI.	2020-03-19 14:00:33 +01:00
Ralph Dolmans	acfa55713c	- Merge PR#191: Update iOS testing on Travis, by Jeffrey Walton.	2020-03-19 10:55:39 +01:00
W.C.A. Wijngaards	e4268663e6	- Fix #192 : In the unbound-checkconf tool, the module config of dns64 subnetcache respip validator iterator is whitelisted, it was reported it seems to work.	2020-03-16 09:44:38 +01:00
Wouter Wijngaards	59fe188954	- Fix compile of test tools without protobuf.	2020-03-12 10:49:24 +01:00
Ralph Dolmans	28e6c86e61	- Add check to make sure RPZ records are subdomain of configured zone origin.	2020-03-11 17:37:50 +01:00
George Thessalonikefs	67b4ab2c90	- Changelog entry for (Fix #189 , Merge PR #190 ).	2020-03-11 11:50:38 +01:00
W.C.A. Wijngaards	50bc604586	Changelog for #188 and configure script created. Removed unneeded whitespace.	2020-03-11 08:41:56 +01:00
George Thessalonikefs	730aa097f8	- Changelog note for PR #186 : Fix unrecognized 'echo -n' option on OS X, by noloader.	2020-03-06 11:59:13 +01:00
W.C.A. Wijngaards	93c92eeabb	Fix changelog note, it is #182 , not #184 .	2020-03-05 17:03:28 +01:00
W.C.A. Wijngaards	b8540e1e70	Changelog note for #184 . - Fix PR #184 from noloader: Add iOS testing to Travis.	2020-03-05 17:02:20 +01:00
Ralph Dolmans	cd6bb00f2c	- Update README-Travis.md (from PR #179 ), by Jeffrey Walton.	2020-03-04 12:02:10 +01:00
George Thessalonikefs	a1b2261b7b	- Merge PR #180 from noloader: Avoid calling exit in Travis script.	2020-03-04 10:25:04 +01:00
W.C.A. Wijngaards	779d65208e	Changelog note for PR#180 . - Merge PR#180 from noloader: Avoid calling exit in Travis script.	2020-03-04 08:18:00 +01:00
George Thessalonikefs	114d650d32	- Upgrade config.guess(2020-01-01) and config.sub(2020-01-01).	2020-03-03 18:29:11 +01:00
George Thessalonikefs	f4eaf6c0ff	- Merge PR #174 : Add Android to Travis testing, by noloader. - Move android build scripts to contrib/ and allow android tests to fail.	2020-03-02 15:17:59 +01:00
Ralph Dolmans	26f057d668	Merge branch 'noloader-openssl'	2020-03-02 14:14:25 +01:00
Ralph Dolmans	868ce6372d	- Add github reference in changelog (Fix #175 , Merge PR #176 )	2020-03-02 14:13:20 +01:00
Ralph Dolmans	90040b24ce	- Fix link error when OpenSSL is configured with no-engine, thanks noloader.	2020-03-02 14:06:10 +01:00
W.C.A. Wijngaards	4207b58700	- Fix #177 : dnstap does not build on macOS.	2020-03-02 13:33:34 +01:00
George Thessalonikefs	c5897dc058	- Fix compiler warning in dns64/dns64.c.	2020-03-02 11:52:33 +01:00
W.C.A. Wijngaards	93189d3083	Changelog note for PR #164 and text for release explanation. - Merge PR #164: Framestreams, this branch implements dnstap unidirectional connectivity in unbound. This has a number of new features. The dependency on libfstrm is removed. The fstrm protocol code resides in dnstap/dnstap_fstrm.h and dnstap/dnstap_fstrm.c. This contains a brief definition of what unbound needs. The make unbound-dnstap-socket builds a debug tool, unbound-dnstap-socket. It can listen, accept multiple DNSTAP streams and print information. Commandline options control it. Unbound can reconnect if the unix domain socket file socket is closed. This uses exponential backoff after which it uses a one second timer to throttle cpu down. There is also support to use TCP and TLS for connecting to the log server. There are new config options to turn them on, in the dnstap section in the man page and example config file. dnstap-ip with IP address of server for TCP or TLS use. dnstap-tls to turn on TLS. And dnstap-tls-server-name, dnstap-tls-cert-bundle, dnstap-tls-client-key-file and dnstap-tls-client-cert-file to configure the certificates for server authentication and client authentication, or leave at "" to not use that.	2020-02-28 15:23:54 +01:00
W.C.A. Wijngaards	614ed2717b	Merge branch 'master' into framestreams Fixed bison and flex conflicts by regenerating the files.	2020-02-28 14:31:24 +01:00
Ralph Dolmans	8f1cb41725	Merge PR #172 : Add IBM s390x arch for testing, by noloader.	2020-02-28 11:42:17 +01:00
W.C.A. Wijngaards	d68c1e29b6	Changelog note for PR #173 . - Merge PR #173: updated makedist.sh for config.guess and config.sub and sha256 digest for gpg, by noloader.	2020-02-28 10:15:57 +01:00
George Thessalonikefs	9efe85fb4c	- Merge PR #171 : Add additional compilers and platforms to Travis testing, by noloader.	2020-02-27 18:13:22 +01:00
W.C.A. Wijngaards	6f4818ebcb	- Fix more undefined sanitizer issues, in respip copy_rrset null dname, and in the client_info_compare routine for null memcmp.	2020-02-27 15:43:27 +01:00
W.C.A. Wijngaards	57bbbfc0e6	- Fix #170 : Fix gcc undefined sanitizer signed integer overflow warning in signature expiry RFC1982 serial number arithmetic.	2020-02-27 15:22:35 +01:00
W.C.A. Wijngaards	348e246b66	- Fix #169 : Fix warning for daemon/remote.c output may be truncated from snprintf.	2020-02-27 15:08:10 +01:00
W.C.A. Wijngaards	f469049198	- iana portlist updated.	2020-02-26 14:32:14 +01:00
W.C.A. Wijngaards	e24d7c64a8	Dnstap io, note that it creates a thread when possible.	2020-02-26 12:21:42 +01:00
W.C.A. Wijngaards	de35486fb7	Documentation for prefer-ip4, Issue #165 .	2020-02-25 09:58:32 +01:00
W.C.A. Wijngaards	318d4e91cc	- Fix #165 : Add prefer-ip4: yesno config option to prefer ipv4 for using ipv4 filters, because the hosts ip6 netblock /64 is not owned by one operator, and thus reputation is shared.	2020-02-25 09:55:59 +01:00
George Thessalonikefs	f99dd8f6dc	Changelog note for PR #166 . - Merge PR #166: Fix typo in unbound.service.in, by glitsj16.	2020-02-24 12:01:20 +01:00
W.C.A. Wijngaards	d2a843b422	- master branch has 1.10.1 version.	2020-02-20 14:42:58 +01:00
W.C.A. Wijngaards	6d7e0d68cf	Note tag position in Changelog.	2020-02-20 14:41:39 +01:00
W.C.A. Wijngaards	ec0d6f196e	- Updated contrib/unbound_smf23.tar.gz with Solaris SMF service for Unbound from Yuri Voinov.	2020-02-20 09:17:24 +01:00
W.C.A. Wijngaards	184f26355a	Fix ifdef of X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS, and Merge branch 'master' into framestreams	2020-02-18 08:33:58 +01:00
W.C.A. Wijngaards	6accd3d681	- protect X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS with ifdef for different openssl versions.	2020-02-18 08:31:38 +01:00
W.C.A. Wijngaards	b4f055effc	Merge branch 'master' into framestreams	2020-02-17 15:25:47 +01:00
W.C.A. Wijngaards	85fd23769f	- changelog point where the tag for 1.10.0rc2 release is.	2020-02-17 15:24:29 +01:00
Ralph Dolmans	fe5370a98a	- Add respip to supported module-config options in unbound-checkconf.	2020-02-17 13:36:30 +01:00
George Thessalonikefs	4b354d38c1	- Remove unused variable.	2020-02-17 12:56:20 +01:00
W.C.A. Wijngaards	a9b7638f4b	Neater changelog	2020-02-17 10:10:44 +01:00
W.C.A. Wijngaards	42fdfd8121	- contrib/drop2rpz: perl script that converts the Spamhaus DROP-List in RPZ-Format, contributed by Andreas Schulze.	2020-02-17 10:09:46 +01:00
W.C.A. Wijngaards	6d1b4e050d	dnstap io, dnstap tls default is yes, and man page documentation.	2020-02-14 10:01:37 +01:00
W.C.A. Wijngaards	78e6060858	dnstap io, example.conf example, config_file entries for tcp and tls.	2020-02-14 09:03:09 +01:00
W.C.A. Wijngaards	2665ae0414	- Stop unbound-checkconf from insisting that auth-zone and rpz zonefiles have to exist. They can not exist, and download later.	2020-02-14 07:57:57 +01:00
W.C.A. Wijngaards	77bdbc6e98	- Fix spelling in unbound.conf.5.in.	2020-02-14 07:54:49 +01:00
W.C.A. Wijngaards	00d622bed7	- updated version number to 1.10.0.	2020-02-12 12:51:35 +01:00
W.C.A. Wijngaards	9e193be648	- Fix compile warning when threads disabled.	2020-02-12 11:55:02 +01:00
W.C.A. Wijngaards	7dcfe531e4	- Fix to clean memory leak of respip_addr.lock when ip_tree deleted.	2020-02-12 11:49:26 +01:00
W.C.A. Wijngaards	e965775064	- Fix contrib/fastrpz.patch to apply cleanly. Fix for serve-stale fixes, but it does not compile, conflicts with new rpz code.	2020-02-12 11:29:55 +01:00
W.C.A. Wijngaards	6e13c6f401	- Fix contrib/fastrpz.patch to apply cleanly.	2020-02-12 11:24:59 +01:00
W.C.A. Wijngaards	2916cfb3b0	- Fix with libnettle make test with dsa disabled.	2020-02-12 11:15:24 +01:00
George Thessalonikefs	adda4f6ace	- Fix use after free on log-identity after a reload; Fixes #163 .	2020-02-10 13:56:22 +01:00
George Thessalonikefs	c316b1d7d5	- Document 'ub_result.was_ratelimited' in libunbound.	2020-02-10 10:31:47 +01:00
W.C.A. Wijngaards	aee3706f66	- Fix to put braces around empty if body when threading is disabled.	2020-02-06 15:33:02 +01:00
George Thessalonikefs	8e135d5f59	- Document in unbound.conf manpage that configuration clauses can be repeated in the configuration file.	2020-02-06 14:39:58 +01:00
George Thessalonikefs	5d6358b66d	- Cleaner code for mesh_serve_expired_lookup.	2020-02-06 14:38:01 +01:00
W.C.A. Wijngaards	4089147351	- Fix to lock and release once in mesh_serve_expired_lookup.	2020-02-06 14:01:45 +01:00
W.C.A. Wijngaards	18ea62e369	- Fix to lock zone before adding rpz qname trigger.	2020-02-06 12:22:15 +01:00
W.C.A. Wijngaards	d000523b00	- Fix to create and destroy rpz_lock in auth_zones structure.	2020-02-06 11:51:17 +01:00
George Thessalonikefs	0758d29324	- Fix num_reply_states and num_detached_states counting with serve_expired_callback.	2020-02-06 11:44:48 +01:00
W.C.A. Wijngaards	af7abd4dfd	- Fix num_reply_addr counting in mesh and tcp drop due to size after serve_stale commit.	2020-02-06 11:09:30 +01:00
gthess	f7fe95ad7b	Serve stale (#159 ) - Added serve-stale functionality as described in draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used to configure the behavior. - Updated cachedb to honor `serve-expired-ttl`; Fixes #107. - Renamed statistic `num.zero_ttl` to `num.expired` as expired replies come with a configurable TTL value (`serve-expired-reply-ttl`). - Fixed stats when replying with cached, cname-aliased records. - Added missing default values for redis cachedb backend.	2020-02-05 14:20:27 +01:00
Ralph Dolmans	8c88ab4747	- Add assertion to please static analyzer	2020-02-03 16:44:21 +01:00
W.C.A. Wijngaards	7495b25f94	- Fix fclose on error in TLS session ticket code.	2020-01-31 07:49:14 +01:00
Ralph Dolmans	810862dc65	- Stop working on socket when socket() call returns an error. - Check malloc return values in TLS session ticket code	2020-01-30 19:15:58 +01:00
W.C.A. Wijngaards	a4244e79ca	- Add getentropy_freebsd.o to Makefile dependencies.	2020-01-30 16:15:51 +01:00
W.C.A. Wijngaards	833021d84d	- Add build rule for ipset to Makefile	2020-01-30 16:12:39 +01:00
Ralph Dolmans	2c459443da	- Add changelog entry for RPZ merge	2020-01-30 16:04:27 +01:00
Ralph Dolmans	056176ec9a	Merge branch 'master' into rpz	2020-01-30 15:57:34 +01:00
Ralph Dolmans	d69ba6f39f	- Add changelog entry for memory leak fix	2020-01-30 15:47:49 +01:00
Ralph Dolmans	5dc6798e75	Merge branch 'master' of github.com:NLnetLabs/unbound	2020-01-30 14:58:25 +01:00
Ralph Dolmans	4f5b934688	- Fix small memory leak in error condition remote.c - Fix double free in error condition view.c	2020-01-30 14:56:48 +01:00
W.C.A. Wijngaards	a5f133ef2f	- updated .gitignore for added contrib file.	2020-01-30 14:20:08 +01:00
W.C.A. Wijngaards	de5c0d4228	Changelog note for PR#151. - Merge PR#151: Fixes for systemd units, by Maryse47, Edmonds and Frzk. Updates the unbound.service systemd file and adds a portable systemd service file.	2020-01-30 14:11:41 +01:00
W.C.A. Wijngaards	20a2574da1	- Update contrib/fastrpz.patch for clean diff with current code.	2020-01-30 13:05:35 +01:00
W.C.A. Wijngaards	bf13191b87	- Fix subnet tests for disabled DSA algorithm by default.	2020-01-30 09:08:19 +01:00
Ralph Dolmans	4326b10169	- Add PR#156 merge to changelog (Added unbound-control view_local_datas_remove command)	2020-01-29 15:46:05 +01:00
Ralph Dolmans	d82de651c6	Merge pull request #156 from n3bul4/master Added unbound-control view_local_datas_remove command	2020-01-29 15:44:39 +01:00
Alexander Berkes	61c2333174	Added view_local_datas_remove description to documentation	2020-01-29 15:32:55 +01:00
W.C.A. Wijngaards	079de39b46	- Fix #157 : undefined reference to `htobe64'.	2020-01-29 11:56:29 +01:00
W.C.A. Wijngaards	6c0a863584	- Fix to silence the tls handshake errors for broken pipe and reset by peer, unless verbosity is set to 2 or higher.	2020-01-28 14:32:06 +01:00
Ralph Dolmans	a930b94658	- Add PR#147 merge to changelog	2020-01-28 13:41:26 +01:00
Ralph Dolmans	13a7783d7b	Merge pull request #147 from mnach/minor-rfc-comment minor #1344 change rfc reference for reserved top level dns names	2020-01-28 13:39:18 +01:00
PMunch	b7e8dc1182	Merge branch 'master' into master	2020-01-28 13:18:01 +01:00
W.C.A. Wijngaards	f6287fc718	- iana portlist updated.	2020-01-28 12:25:37 +01:00
Mikhail Nacharov	c3fac2550f	minor #1344 change rfc reference for reserved top level dns names	2020-01-27 22:04:09 +05:00
Ralph Dolmans	0feee99055	- Add changelog entry for PR#148.	2020-01-27 16:06:06 +01:00
Ralph Dolmans	41621fb1df	- Add changelog entry for RP#154 - autoconf after PR#154	2020-01-27 15:50:12 +01:00
W.C.A. Wijngaards	68ff1730ac	- Fix #153 : Disable validation for DSA algorithms. RFC 8624 compliance.	2020-01-27 09:40:18 +01:00
W.C.A. Wijngaards	82a6a2f8cc	Changelog note for PR#155. - Merge PR#155 from Rober Edmonds: contrib/libunbound.pc.in: Fixes to Libs/Requires for crypto library dependencies.	2020-01-27 09:31:07 +01:00
W.C.A. Wijngaards	61456ff81d	Changelog and contrib/README note for PR#150. - Merge PR#150 from Frzk: Systemd unit without chroot. It add contrib/unbound_nochroot.service.in, a systemd file for use with chroot: "", see comments in the file, it uses systemd protections instead.	2020-01-23 16:16:52 +01:00
Ralph Dolmans	9877e52161	Merge branch 'master' of github.com:NLnetLabs/unbound into rpz	2020-01-15 23:44:10 +01:00
W.C.A. Wijngaards	1e0c957dcd	- Fix auth zone support for NSEC3 records without salt.	2020-01-14 16:03:29 +01:00
W.C.A. Wijngaards	ea26e5038e	- Fix for memory leak when edns subnet config options are read when compiled without edns subnet support.	2020-01-14 15:48:27 +01:00
W.C.A. Wijngaards	2c4be0c201	- Fix crash after reload where a stats lookup could reference old key cache and neg cache structures.	2020-01-14 15:18:52 +01:00
W.C.A. Wijngaards	9b3f3101e3	- Removed the dnscrypt_queries and dnscrypt_queries_chacha tests, because dnscrypt-proxy (2.0.36) does not support the test setup any more, and also the config file format does not seem to have the appropriate keys to recreate that setup.	2020-01-14 14:40:44 +01:00
W.C.A. Wijngaards	e149bc7046	- Fix unreachable code in ssl set options code.	2020-01-10 11:28:01 +01:00
W.C.A. Wijngaards	a8db52120b	- Fix the relationship between serve-expired and prefetch options, patch from Saksham Manchanda from Secure64.	2020-01-10 10:04:50 +01:00
Ralph Dolmans	92a525225b	- Add changelog entry for fix #138 (stop binding pidfile inside chroot dir in systemd service file).	2020-01-08 16:36:18 +01:00
W.C.A. Wijngaards	c4e199ecca	- And update for more spare space.	2020-01-08 12:58:07 +01:00
W.C.A. Wijngaards	5ae1544583	- Updated sldns_bget_token_par fix for also space for the zero delimiter after the character.	2020-01-08 11:55:42 +01:00
W.C.A. Wijngaards	05a5dc2d0d	- Fix out-of-bounds null-byte write in sldns_bget_token_par while parsing type WKS, reported by Luis Merino from X41 D-Sec.	2020-01-08 11:08:16 +01:00
W.C.A. Wijngaards	19473d95eb	- Fix 'make test' to work for --disable-sha1 configure option.	2020-01-08 09:23:46 +01:00
George Thessalonikefs	8686b0abbf	- Changes to compat/getentropy_solaris.c for, ifdef stdint.h inclusion for older systems. ifdef sha2.h inclusion for older systems.	2020-01-07 15:19:15 +02:00
George Thessalonikefs	d68ece28c4	- Downgrade compat/getentropy_solaris.c to version 1.4 from OpenBSD. The dl_iterate_phdr() function introduced in newer versions raises compilation errors on solaris 10.	2020-01-07 15:06:14 +02:00
W.C.A. Wijngaards	453c84b237	- Fix #140 : Document slave not downloading new zonefile upon update.	2020-01-06 16:36:44 +01:00
W.C.A. Wijngaards	20a3d3be5f	(Changelog note for #135 ). - Merge #135 from Florian Obser: Use passed in neg and key cache if non-NULL.	2020-01-06 16:18:46 +01:00
George Thessalonikefs	1d45b4a1e0	- Update mailing list URL.	2019-12-16 16:03:31 +01:00
Ralph Dolmans	90b42b56b6	- Fix typo to let serve-expired-ttl work with ub_ctx_set_option(), by Florian Obser	2019-12-12 13:05:09 +01:00
Ralph Dolmans	f1d5d5d682	Make master 1.9.7 in development.	2019-12-12 12:48:29 +01:00
W.C.A. Wijngaards	41d3e2027c	- Fix to make auth zone IXFR to fallback to AXFR if a single response RR is received over TCP with the SOA in it.	2019-12-10 13:09:50 +01:00
W.C.A. Wijngaards	e828d678ba	- Fix Makefile.in for ipset module compile, from Adi Prasaja.	2019-12-06 11:31:34 +01:00
W.C.A. Wijngaards	f3c2d05728	- Fix ipsecmod compile.	2019-12-06 07:59:55 +01:00
W.C.A. Wijngaards	4b73b5f299	- tag for 1.9.6rc1.	2019-12-05 11:21:46 +01:00
W.C.A. Wijngaards	ff7d68ca53	- unbound-fuzzers.tar.bz2: three programs for fuzzing, that are 1:1 replacements for unbound-fuzzme.c that gets created after applying the contrib/unbound-fuzzme.patch. They are contributed by Eric Sesterhenn from X41 D-Sec.	2019-12-05 09:10:49 +01:00
W.C.A. Wijngaards	3fb98a72d2	- Fix Make Test Fails when Configured With --enable-alloc-nonregional, reported by X41 D-Sec.	2019-12-04 16:23:52 +01:00
W.C.A. Wijngaards	6e8b4a7796	- update contrib/fastrpz.patch to apply more cleanly.	2019-12-04 11:41:13 +01:00
W.C.A. Wijngaards	6f7eb3ea9f	- Fix testbound for alloccheck runs, memory purify and lock checks.	2019-12-04 11:37:24 +01:00
W.C.A. Wijngaards	216747bb17	- Fix lock type for memory purify log lock deletion.	2019-12-04 09:44:31 +01:00
W.C.A. Wijngaards	8f79119826	- make depend	2019-12-03 17:28:51 +01:00
W.C.A. Wijngaards	4106308bd5	- Fix Hardcoded Constant, reported by X41 D-Sec.	2019-12-03 17:23:38 +01:00
W.C.A. Wijngaards	c4c1f9e5ef	- Fix _vfixed not Used, removed from sbuffer code, reported by X41 D-Sec.	2019-12-03 17:07:35 +01:00
W.C.A. Wijngaards	b6f0b1af86	- Fix compile error in dnscrypt.	2019-12-03 16:44:24 +01:00
W.C.A. Wijngaards	68027ab145	- Fix Client NONCE Generation used for Server NONCE, reported by X41 D-Sec.	2019-12-03 16:42:14 +01:00
W.C.A. Wijngaards	4a7ebfabcf	- Fix Bad Indentation, in dnscrypt.c, reported by X41 D-Sec.	2019-12-03 16:34:53 +01:00
W.C.A. Wijngaards	9ce6119513	- Fix snprintf() supports the n-specifier, reported by X41 D-Sec.	2019-12-03 16:29:18 +01:00
W.C.A. Wijngaards	534eac6ae5	Note what it did, lower to 256 max count.	2019-12-03 16:21:04 +01:00
W.C.A. Wijngaards	d3ff930b06	- Fix Hang in sldns_wire2str_pkt_scan(), reported by X41 D-Sec.	2019-12-03 16:20:24 +01:00
W.C.A. Wijngaards	6c3a0b54ed	- Fix Out of Bound Write Compressed Names in rdata_copy(), reported by X41 D-Sec.	2019-12-03 16:18:47 +01:00
W.C.A. Wijngaards	2d444a5037	- Fix Insufficient Handling of Compressed Names in dname_pkt_copy(), reported by X41 D-Sec.	2019-12-03 16:17:03 +01:00
W.C.A. Wijngaards	c99438c6a1	- Fix Out of Bounds Write in sldns_b64_pton(), fixed by check in sldns_str2wire_int16_data_buf(), reported by X41 D-Sec.	2019-12-03 16:10:34 +01:00
W.C.A. Wijngaards	3f3cadd416	- Fix Out of Bounds Write in sldns_str2wire_str_buf(), reported by X41 D-Sec.	2019-12-03 16:01:31 +01:00
W.C.A. Wijngaards	e183a66d60	- Fix OOB Read in sldns_wire2str_dname_scan(), reported by X41 D-Sec.	2019-12-03 15:42:34 +01:00
W.C.A. Wijngaards	d2eb78e871	- Fix Assert Causing DoS in dname_pkt_copy(), reported by X41 D-Sec.	2019-12-03 15:20:48 +01:00
W.C.A. Wijngaards	5a66aecef9	- Fix similar code in auth_zone synth cname to add the extra checks.	2019-12-03 15:11:22 +01:00
W.C.A. Wijngaards	f5e06689d1	- Fix Assert Causing DoS in synth_cname(), reported by X41 D-Sec.	2019-12-03 15:10:36 +01:00
W.C.A. Wijngaards	5a00b31f86	- Fix text around serial arithmatic used for RRSIG times to refer to correct RFC number.	2019-12-03 12:58:09 +01:00
W.C.A. Wijngaards	cdbf091c0d	Changelog entry for merge of #124 . - Merge pull request #124 from rmetrich: Changed log lock from 'quick' to 'basic' because this is an I/O lock.	2019-12-03 10:03:44 +01:00
W.C.A. Wijngaards	aa64c58368	Changelog entry for #122 . - Merge pull request #122 from he32: In tcp_callback_writer(), don't disable time-out when changing to read.	2019-12-02 13:59:43 +01:00
W.C.A. Wijngaards	f82f971997	- Add make distclean that removes everything configure produced, and make maintainer-clean that removes bison and flex output.	2019-11-22 15:10:02 +01:00
George Thessalonikefs	30b0fa1e8e	Fix compiler warnings.	2019-11-22 14:30:56 +01:00
W.C.A. Wijngaards	1718a8e6b5	- Fix dname loop maximum, reported by Eric Sesterhenn from X41 D-Sec.	2019-11-22 14:23:00 +01:00
Ralph Dolmans	bbb737ca5a	processing RPZ review feedback	2019-11-22 12:56:24 +08:00
W.C.A. Wijngaards	ebad5416d7	- Fix comments for doxygen in dns64.	2019-11-20 15:22:20 +01:00
W.C.A. Wijngaards	8833d44d01	- Fix python examples/calc.py for eval, reported by X41 D-Sec.	2019-11-20 15:07:09 +01:00
W.C.A. Wijngaards	da4d6ffee3	- Fix Bad Randomness in Seed, reported by X41 D-Sec.	2019-11-20 14:40:50 +01:00
W.C.A. Wijngaards	981fedea0e	- Fix NULL Pointer Dereference via Control Port, reported by X41 D-Sec.	2019-11-20 14:37:13 +01:00
W.C.A. Wijngaards	3a49e683ed	- Fix Enum Name not Used, reported by X41 D-Sec.	2019-11-20 14:22:06 +01:00
W.C.A. Wijngaards	3907876eac	- Fix Unrequired Checks, reported by X41 D-Sec.	2019-11-20 14:05:54 +01:00
W.C.A. Wijngaards	fcd9b34bb5	- Fix Useless memset() in validator, reported by X41 D-Sec.	2019-11-20 14:02:58 +01:00
W.C.A. Wijngaards	d63ec2dfcb	- Fix Terminating Quotes not Written, reported by X41 D-Sec.	2019-11-20 14:01:01 +01:00
W.C.A. Wijngaards	6139943428	- Fix compile with --enable-alloc-checks, reported by X41 D-Sec.	2019-11-20 13:51:10 +01:00
W.C.A. Wijngaards	a76e43341f	- Fixed Compat Code Diverging from Upstream, reported by X41 D-Sec.	2019-11-20 13:30:27 +01:00
W.C.A. Wijngaards	d63536289c	- Changes to compat/getentropy files for, no link to openssl if using nettle, and hence config.h for HAVE_NETTLE variable. compat definition of MAP_ANON, for older systems. ifdef stdint.h inclusion for older systems. ifdef sha2.h inclusion for older systems.	2019-11-20 13:28:49 +01:00
W.C.A. Wijngaards	d085a0039b	- Upgrade compat/getentropy_osx.c to version 1.12 from OpenBSD.	2019-11-20 13:12:36 +01:00
W.C.A. Wijngaards	3ebc480690	- Upgrade compat/getentropy_solaris.c to version 1.13 from OpenBSD.	2019-11-20 13:11:05 +01:00
W.C.A. Wijngaards	20dd979d00	- Synchronize compat/getentropy_win.c with version 1.5 from OpenBSD, no changes but makes the file, comments, identical.	2019-11-20 13:08:43 +01:00
W.C.A. Wijngaards	623dba975a	- Upgrade compat/getentropy_linux.c to version 1.46 from OpenBSD.	2019-11-20 13:05:10 +01:00
W.C.A. Wijngaards	09707fc403	- Fix Integer Underflow in Regional Allocator, reported by X41 D-Sec.	2019-11-20 13:00:56 +01:00
W.C.A. Wijngaards	2dcc7016ac	- Fix Local Memory Leak in cachedb_init(), reported by X41 D-Sec.	2019-11-20 12:56:39 +01:00
W.C.A. Wijngaards	f887552763	- Fix Config Injection in create_unbound_ad_servers.sh, reported by X41 D-Sec.	2019-11-20 12:02:19 +01:00
W.C.A. Wijngaards	72d348de6a	- Fix Out-of-Bounds Read in dname_valid(), reported by X41 D-Sec.	2019-11-20 11:38:11 +01:00
W.C.A. Wijngaards	7646c96259	- Fix Randomness Error not Handled Properly, reported by X41 D-Sec.	2019-11-20 11:35:07 +01:00
W.C.A. Wijngaards	d8809c672a	- Fix Weak Entropy Used For Nettle, reported by X41 D-Sec.	2019-11-20 11:28:53 +01:00
W.C.A. Wijngaards	7e3da817c3	- Adjust unbound-control to make stats_shm a read only operation.	2019-11-20 11:18:03 +01:00
W.C.A. Wijngaards	c54fe82886	- Fix Shared Memory World Writeable, reported by X41 D-Sec.	2019-11-20 11:13:45 +01:00
W.C.A. Wijngaards	1fa40654d2	- Fix Race Condition in autr_tp_create(), reported by X41 D-Sec.	2019-11-20 11:01:56 +01:00
W.C.A. Wijngaards	d79d75538b	- Fix Out of Bounds Read in rrinternal_get_owner(), reported by X41 D-Sec.	2019-11-20 08:28:12 +01:00
W.C.A. Wijngaards	fa23ee8f31	- Fix Out of Bounds Write in sldns_bget_token_par(), reported by X41 D-Sec.	2019-11-19 16:54:44 +01:00
W.C.A. Wijngaards	51c23b0209	- Fix Out of Bounds Read in sldns_str2wire_dname(), reported by X41 D-Sec.	2019-11-19 16:46:33 +01:00
W.C.A. Wijngaards	a3545867fc	- Fix Integer Overflow to Buffer Overflow in sldns_str2wire_dname_buf_origin(), reported by X41 D-Sec.	2019-11-19 16:42:17 +01:00
W.C.A. Wijngaards	02080f6b18	- Fix Integer Overflows in Size Calculations, reported by X41 D-Sec.	2019-11-19 16:32:40 +01:00
W.C.A. Wijngaards	07156bd5ea	- Fix Out-of-bounds Read in rr_comment_dnskey(), reported by X41 D-Sec.	2019-11-19 16:17:06 +01:00
W.C.A. Wijngaards	2a4e840be4	- Fix Unchecked NULL Pointer in dns64_inform_super() and ipsecmod_new(), reported by X41 D-Sec.	2019-11-19 15:48:18 +01:00
W.C.A. Wijngaards	226298bbd3	- Fix Integer Overflow in Regional Allocator, reported by X41 D-Sec.	2019-11-19 15:38:05 +01:00
W.C.A. Wijngaards	79a6e9fbe2	- Fixes to please lint checks.	2019-11-19 12:10:03 +01:00
W.C.A. Wijngaards	16bbfc3461	- Fix authzone printout buffer length check.	2019-11-19 10:09:44 +01:00
W.C.A. Wijngaards	d8090b8cae	- 1.9.5 is 1.9.4 with bugfix, trunk is 1.9.6 in development.	2019-11-19 10:06:12 +01:00
W.C.A. Wijngaards	09845779d5	- Fix CVE-2019-18934, shell execution in ipsecmod.	2019-11-19 10:05:18 +01:00
W.C.A. Wijngaards	cb8374cce5	- gitignore .source tempfile used for compatible make.	2019-11-18 15:58:19 +01:00
W.C.A. Wijngaards	442e95620e	- Portable grep usage for reuseport configure test. - Check return type of HMAC_Init_ex for openssl 0.9.8.	2019-11-18 15:53:47 +01:00
W.C.A. Wijngaards	af6f5a3f54	- Provide a prototype for compat malloc to remove compile warning.	2019-11-18 13:52:17 +01:00
W.C.A. Wijngaards	253d95a8ef	- update to bison output of 3.4.1 in code repository.	2019-11-18 10:50:54 +01:00
W.C.A. Wijngaards	57f2582790	- In unbound-host use separate variable for get_option to please code checkers.	2019-11-18 10:45:47 +01:00
W.C.A. Wijngaards	d05d6b959a	- fixes for splint cleanliness, long vs int in SSL set_mode.	2019-11-13 15:16:27 +01:00
W.C.A. Wijngaards	d4c904d091	- contrib/fastrpz.patch updated to apply for current code.	2019-11-13 11:40:56 +01:00
W.C.A. Wijngaards	5ac9bf3f9b	- iana portlist updated.	2019-11-13 11:37:06 +01:00
W.C.A. Wijngaards	f759fc5839	Changelog note and configure autoconf generated. - Merge #102 from jrtc27: Add getentropy emulation for FreeBSD.	2019-11-11 14:46:24 +01:00
W.C.A. Wijngaards	29b90c6e58	- Fix #109 : check number of arguments for stdin-pipes in unbound-control and fail if too many arguments.	2019-11-11 12:02:51 +01:00
W.C.A. Wijngaards	7dfbcdf276	- Fix #99 : Memory leak in ub_ctx (event_base will never be freed).	2019-10-24 09:58:45 +02:00
George Thessalonikefs	941b324187	Add new configure option `--enable-fully-static` to enable full static build if requested; in relation to #91.	2019-10-23 16:10:07 +02:00
W.C.A. Wijngaards	21472c2393	Changelog note for #97 . - Merge #97: manpage: Add missing word on unbound.conf, from Erethon.	2019-10-23 07:56:17 +02:00
Dionysis Grigoropoulos	e8b8d42f8b	manpage: Add missing word on unbound.conf	2019-10-23 00:35:49 +03:00
W.C.A. Wijngaards	e6a179e27a	- drop-tld.diff: adds option drop-tld: yesno that drops 2 label queries, to stop random floods. Apply with patch -p1 < contrib/drop-tld.diff and compile. From Saksham Manchanda (Secure64). Please note that we think this will drop DNSKEY and DS lookups for tlds and hence break DNSSEC lookups for downstream clients.	2019-10-22 10:32:37 +02:00
PMunch	f177dc974c	Add support for multiple dynamic modules Allows the use of multiple dynamic modules. Simply add more "dynlib" entries to the "modules-config" and the same amount of "dynlib-file" entries in the dynlib configuration block.	2019-10-21 15:59:53 +02:00
PMunch	8eeb910e3d	Improve dynlib module and add documentation Dynamic library module is now only a thin wrapper that loads dynamic libraries and forwards all function calls directly to the loaded module. This meant adding get_mem and clear, and get_mem calls have been added in the expected places. Documentation has also been added to the example.conf and the unbound.conf manpage.	2019-10-21 14:20:33 +02:00
W.C.A. Wijngaards	eb2283332b	- Add doxygen comments to unbound-anchor source address code, in #86 .	2019-10-07 09:50:04 +02:00
W.C.A. Wijngaards	b2c3b4758b	For #86 , note credit for Lukas Wunner.	2019-10-03 16:29:45 +02:00
W.C.A. Wijngaards	8bfbd81fec	Changelog entry for #86 and whitespace fix. - Merge #86 from psquarejho: Added -b source address option to smallapp/unbound-anchor.c.	2019-10-03 16:22:42 +02:00
Wouter Wijngaards	3d91a9fd56	Merge pull request #86 from psquarejho/master Added -b / source address option to smallapp/unbound-anchor.c	2019-10-03 16:19:58 +02:00
W.C.A. Wijngaards	facc6c6541	- Merge 1.9.4 release with fix for vulnerability CVE-2019-16866. - Continue with development of 1.9.5.	2019-10-03 11:40:13 +02:00
W.C.A. Wijngaards	82dffb1023	Changelog entry for Merge #90 . - Merge #90 from vcunat: fix build with nettle-3.5.	2019-10-03 08:59:16 +02:00
W.C.A. Wijngaards	7963c9f463	Changelog note for #87 . - Merge #87 from hardfalcon: Fix contrib/unbound.service.in, Drop CAP_KILL, use + prefix for ExecReload= instead.	2019-09-26 13:17:46 +02:00
W.C.A. Wijngaards	55bb4c1275	- The unbound.conf includes are sorted ascending, for include statements with a '*' from glob.	2019-09-25 16:50:30 +02:00
Jens Hoffrichter	b966dd8e06	Added -b / source address option to smallapp/unbound-anchor.c	2019-09-24 14:42:36 +00:00
W.C.A. Wijngaards	06a91b0eaa	Changelog entry for fix #84 and #85 . - Merge #85 for #84 from sam-lunt: Add kill capability to systemd service file to fix that systemctl reload fails.	2019-09-23 09:20:12 +02:00
W.C.A. Wijngaards	f635b47ade	Changelog entry for #83 - Merge #83 from Maryse47: contrib/unbound.service.in: do not fork into the background.	2019-09-20 12:59:41 +02:00
W.C.A. Wijngaards	1b62399a6e	Changelog entry for #81 . - Merge #81 from Maryse47: Consistently use /dev/urandom instead of /dev/random in scripts and docs.	2019-09-20 07:44:43 +02:00
Wouter Wijngaards	e1e71eac3e	Merge pull request #81 from Maryse47/urandom Consistently use /dev/urandom instead of /dev/random in scripts and docs	2019-09-20 07:44:22 +02:00
W.C.A. Wijngaards	aefd2df51f	(Changelog entry for #82 ). - Merge #82 from hardfalcon: Downgrade CAP_NET_ADMIN to CAP_NET_RAW in unbound.service.	2019-09-20 07:38:34 +02:00
Maryse47	ce0e9bef45	Consistently use /dev/urandom instead of /dev/random in scripts and docs Unbound code call /dev/urandom (see below) but various docs and scripts mention /dev/random which may be confusing. https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/arc4random.c#L107 https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/getentropy_linux.c#L251 https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/getentropy_osx.c https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/getentropy_solaris.c#L116	2019-09-19 17:40:49 +02:00
W.C.A. Wijngaards	1dcc88b6e8	- Merge #80 from stasic: Improve wording in man page. (Changelog entry for merge)	2019-09-19 16:56:14 +02:00
Arsen Stasic	9303292b7f	Improve wording in man page Make it more consistent throughout the man page. If a config option can either be yes or no use exact these terms and not something like on which could be easily read as no.	2019-09-19 14:51:54 +00:00
W.C.A. Wijngaards	9f0b260c49	- Fix wrong response ttl for prepended short CNAME ttls, this would create a wrong zero_ttl response count with serve-expired enabled.	2019-09-19 16:29:51 +02:00
W.C.A. Wijngaards	ab53baa6f5	- Fix for oss-fuzz build warning.	2019-09-19 10:09:49 +02:00
W.C.A. Wijngaards	554e4a939c	- Fix fix for #78 to also free service callback struct.	2019-09-19 10:03:47 +02:00
W.C.A. Wijngaards	45b3215594	- oss-fuzz badge on README.md.	2019-09-19 09:55:23 +02:00
W.C.A. Wijngaards	3cb1cdeebd	- Merge pull request #76 from Maryse47: Improvements and fixes for systemd unbound.service. (Changelog note for merge of #76).	2019-09-19 09:53:21 +02:00
W.C.A. Wijngaards	1a4eaaabc5	- Fix #78 : Memory leak in outside_network.c.	2019-09-19 09:11:23 +02:00
W.C.A. Wijngaards	13d96540de	- Use explicit bzero for wiping clear buffer of hash in cachedb, reported by Eric Sesterhenn from X41 D-Sec.	2019-09-11 15:31:03 +02:00
Ralph Dolmans	f3dfb4d537	Typo fix, reported by jpmens	2019-09-09 18:54:23 +02:00
Ralph Dolmans	9843b836ee	Merge branch 'master' into rpz	2019-09-09 17:17:43 +02:00
Ralph Dolmans	2b5cd8e9b4	Merge remote-tracking branch 'ralph/feature/rpz' into rpz	2019-09-09 17:11:26 +02:00
W.C.A. Wijngaards	e45e9f1ce0	- Fix #72 : configure --with-syslog-facility=LOCAL0-7 with default LOG_DAEMON (as before) can set the syslog facility that the server uses to log messages.	2019-09-09 14:27:55 +02:00
W.C.A. Wijngaards	05b9f4fd28	- Fix #71 : fix openssl error squelch commit compilation error.	2019-09-04 08:44:19 +02:00
W.C.A. Wijngaards	1089fd6dc1	- squelch DNS over TLS errors 'ssl handshake failed crypto error' on low verbosity, they show on verbosity 3 (query details), because there is a high volume and the operator cannot do anything for the remote failure. Specifically filters the high volume errors.	2019-09-03 09:47:27 +02:00
W.C.A. Wijngaards	366296ec14	- updated Makefile dependencies.	2019-09-02 15:56:24 +02:00
W.C.A. Wijngaards	7f9aa6734a	- ipset: refactor long routine into three smaller ones.	2019-09-02 15:17:25 +02:00
W.C.A. Wijngaards	9902a5f81d	- ipset module #28 : log that an address is added, when verbosity high.	2019-09-02 13:50:42 +02:00
W.C.A. Wijngaards	cd0a2b1af1	- Master is 1.9.4 in development.	2019-08-27 09:56:20 +02:00
W.C.A. Wijngaards	a374dfb669	- Fix contrib/fastrpz.patch asprintf return value checks.	2019-08-23 08:41:46 +02:00
W.C.A. Wijngaards	79fa94834e	- 1.9.3rc2 release candidate tag.	2019-08-22 14:50:49 +02:00
W.C.A. Wijngaards	06847ff3be	- Fix that pkg-config is setup before --enable-systemd needs it.	2019-08-22 12:22:25 +02:00
W.C.A. Wijngaards	80c2c69fa7	- Fix log_dns_msg to log irrespective of minimal responses config.	2019-08-21 17:41:29 +02:00
Ralph Dolmans	8b752e359e	- Document limitation of pidfile removal outside of chroot directory.	2019-08-19 13:27:19 +02:00
W.C.A. Wijngaards	d3b3d64ef3	- Remove warning about unknown cast-function-type warning pragma.	2019-08-16 12:52:58 +02:00
W.C.A. Wijngaards	c602ba7319	- Fixup contrib/fastrpz.patch	2019-08-16 12:37:13 +02:00
W.C.A. Wijngaards	bdb6c153e4	- Please doxygen's parser for "@" occurrence in doxygen comment.	2019-08-16 12:21:40 +02:00
W.C.A. Wijngaards	d8a8730cac	- Fix unittest valgrind false positive uninitialised value report, where if gcc 9.1.1 uses -O2 (but not -O1) then valgrind 3.15.0 issues an uninitialised value for the token buffer at the str2wire.c rrinternal_get_owner() strcmp with the '@' value. Rewritten to use straight character comparisons removes the false positive. Also valgrinds --expensive-definedness-checks=yes can stop this false positive.	2019-08-16 12:18:23 +02:00
W.C.A. Wijngaards	0532cdd357	- (for later release): -V prints if TCP fastopen is available.	2019-08-15 17:04:38 +02:00
W.C.A. Wijngaards	e84b913585	- 1.9.3rc1 release candidate tag.	2019-08-15 15:49:15 +02:00
W.C.A. Wijngaards	a5027f5f56	- Fix character buffer size in ub_ctx_hosts.	2019-08-15 15:11:04 +02:00
W.C.A. Wijngaards	06a58ca248	- escape commandline contents for -V.	2019-08-15 15:05:02 +02:00
W.C.A. Wijngaards	4700d79024	- avoid warning about upcast on 32bit systems for autotrust.	2019-08-15 14:25:46 +02:00
W.C.A. Wijngaards	9d9884c442	- Fix autotrust temp file uniqueness windows compile.	2019-08-15 14:02:14 +02:00
W.C.A. Wijngaards	c1c75929fa	- iana portlist updated.	2019-08-15 13:07:26 +02:00
W.C.A. Wijngaards	8cb3656b3e	- Fix warning for unused variable for compilation without systemd.	2019-08-14 16:08:19 +02:00
George Thessalonikefs	a90f173875	- Fix #59 , when compiled with systemd support check that we can properly communicate with systemd through the `NOTIFY_SOCKET`.	2019-08-14 15:51:28 +02:00
gthess	fd415d8833	Merge branch 'master' into show-build-options	2019-08-14 11:45:41 +02:00
W.C.A. Wijngaards	b5a52f8c86	- Generate configlexer with newer flex.	2019-08-14 11:40:35 +02:00
George Thessalonikefs	008813f0a2	- Introduce `-V` option to print the version number and build options. Previously reported build options like linked libs and linked modules are now moved from `-h` to `-V` as well for consistency. - PACKAGE_BUGREPORT now also includes link to GitHub issues.	2019-08-12 17:52:43 +02:00
Ralph Dolmans	abbb5c0f6d	Update RPZ man page and example.conf	2019-08-07 14:53:23 +02:00
W.C.A. Wijngaards	fa506e3cda	- Check repinfo in worker_handle_request, if null, drop it.	2019-08-01 16:57:36 +02:00
W.C.A. Wijngaards	df0c844eed	- Fix to timeval_add for remaining second in microseconds.	2019-08-01 16:48:41 +02:00
W.C.A. Wijngaards	199e6c586b	- Fix to return after failed auth zone http chunk write. - Fix to remove unused test for task_probe existance.	2019-08-01 16:40:52 +02:00
W.C.A. Wijngaards	21f740d313	- Fix #52 #53 , fix for example fail program.	2019-08-01 09:34:44 +02:00
W.C.A. Wijngaards	e860d39f54	- For #52 #53 , second context does not close logfile override.	2019-08-01 09:15:33 +02:00
W.C.A. Wijngaards	27811ffaa9	- Add hex print of trust anchor pointer to trust anchor file temp name to make it unique, for libunbound created multiple contexts.	2019-07-29 16:51:40 +02:00
W.C.A. Wijngaards	7d5ab2f4de	- Add verbose log message when auth zone file is written, at level 4.	2019-07-29 09:25:49 +02:00
W.C.A. Wijngaards	5f5c00203e	- Fix question section mismatch in local zone redirect.	2019-07-23 14:01:59 +02:00
W.C.A. Wijngaards	c94e13220b	- Fix #49 : Set no renegotiation on the SSL context to stop client session renegotiation.	2019-07-19 08:18:06 +02:00
W.C.A. Wijngaards	368386c011	- Fix #48 : Unbound returns additional records on NODATA response, if minimal-responses is enabled, also the additional for negative responses is removed.	2019-07-12 14:34:35 +02:00
Ralph Dolmans	d5ebc63add	- Fix in respip addrtree selection. Absence of addr_tree_init_parents() call made it impossible to go up the tree when the matching netmask is too specific.	2019-07-09 14:58:36 +02:00
Ralph Dolmans	d323e1bda8	- Fix for possible assertion failure when answering respip CNAME from cache.	2019-07-05 16:52:03 +02:00
W.C.A. Wijngaards	da46ea24d5	- For #45 , check that 127.0.0.1 and ::1 are not used in unbound.conf when do-not-query-localhost is turned on, or at default on, unbound-checkconf prints a warning if it is found in forward-addr or stub-addr statements.	2019-06-25 14:50:49 +02:00
W.C.A. Wijngaards	1aa1facabc	- Fix memleak in unit test, reported from the clang 8.0 static analyzer.	2019-06-24 10:53:27 +02:00
W.C.A. Wijngaards	78b2f1cc20	- Fix python dict reference and double free in config.	2019-06-18 17:25:08 +02:00
W.C.A. Wijngaards	164f302011	- Merge PR #6 : Python module: support multiple instances - Merge PR #5: Python module: define constant MODULE_RESTART_NEXT - Merge PR #4: Python module: assign something useful to the per-query data store 'qdata' Noted in Changelog.	2019-06-18 17:11:31 +02:00
W.C.A. Wijngaards	63b2628a18	Merge branch 'dev/all-merged/master' of git://github.com/episource/unbound into episource-dev/all-merged/master	2019-06-18 17:07:57 +02:00
W.C.A. Wijngaards	0f3eac4a0e	- Added documentation to the ipset files (for doxygen output).	2019-06-18 16:25:11 +02:00
W.C.A. Wijngaards	72738471f1	- make depend	2019-06-18 15:59:10 +02:00
W.C.A. Wijngaards	c1e75c0369	- Fix to make unbound-control with ipset, remove unused variable, use unsigned type because of comparison, and assign null instead of compare with it. Remade lex and yacc output.	2019-06-18 15:57:28 +02:00
W.C.A. Wijngaards	b16c872a60	- PR #28 : IPSet module, by Kevin Chou. Created a module to support the ipset that could add the domain's ip to a list easily. Needs libmnl, and --enable-ipset and config it, doc/README.ipset.md. - Fix to omit RRSIGs from addition to the ipset.	2019-06-18 15:38:37 +02:00
W.C.A. Wijngaards	ed95b07764	Merge branch 'master' of git://github.com/k9982874/unbound into k9982874-master	2019-06-18 13:52:52 +02:00
W.C.A. Wijngaards	bf2307ca97	- Fix for #24 : Fix abort due to scan of auth zone masters using old address from previous scan.	2019-06-17 14:15:36 +02:00
W.C.A. Wijngaards	1ec96d8f07	- Fix #39 : In libunbound, leftover logfile is close()d unpredictably.	2019-06-17 12:13:12 +02:00
W.C.A. Wijngaards	3499d3c647	- Master contains version 1.9.3 in development.	2019-06-17 11:42:19 +02:00
W.C.A. Wijngaards	ee06aaaad9	- 1.9.2rc3 release candidate tag.	2019-06-14 08:38:37 +02:00
Moritz Schneider	f72885e5d7	Update Changelog	2019-06-12 19:11:20 +02:00
Moritz Schneider	8d9b94d3ef	Update documentation for outbound-msg-retry	2019-06-12 19:09:15 +02:00
W.C.A. Wijngaards	af6c5dea43	- Fix another spoolbuf storage code point, in prefetch.	2019-06-12 08:32:45 +02:00
W.C.A. Wijngaards	b57771d42b	- 1.9.2rc1 release candidate tag.	2019-06-11 12:46:44 +02:00
W.C.A. Wijngaards	6067ce6d2b	- Fix that fixes the Fix that spoolbuf is not used to store tcp pipelined response between mesh send and callback end, this fixes error cases that did not use the correct spoolbuf.	2019-06-11 12:15:43 +02:00
W.C.A. Wijngaards	081fd4fdae	- 1.9.2rc1 release candidate tag.	2019-06-06 09:32:53 +02:00
Ralph Dolmans	a77c35ef50	Add RPZ config options to unbound.conf man page.	2019-06-04 15:39:08 +02:00
Ralph Dolmans	bc83e0b016	fix double free issue	2019-06-04 12:38:44 +02:00
W.C.A. Wijngaards	09a0e6ee30	- iana portlist updated.	2019-06-04 12:21:21 +02:00
W.C.A. Wijngaards	a4f4d7b6ba	- Fix to guard _OPENBSD_SOURCE from redefinition.	2019-05-29 13:28:03 +02:00
W.C.A. Wijngaards	e2a2dcdfd5	- gitignore config.h.in~.	2019-05-28 11:12:41 +02:00
W.C.A. Wijngaards	14b11384a4	- Fix to define _OPENBSD_SOURCE to get reallocarray on NetBSD.	2019-05-28 11:12:05 +02:00
W.C.A. Wijngaards	a03f0a388e	- Fix double file close in tcp pipelined response code.	2019-05-27 11:23:41 +02:00
Wouter Wijngaards	0b77c9d676	- Fix that spoolbuf is not used to store tcp pipelined response between mesh send and callback end.	2019-05-24 09:35:38 +02:00
W.C.A. Wijngaards	1c3ba0cef7	- Note that so-reuseport at extreme load is better turned off, otherwise queries are not distributed evenly, on Linux 4.4.x.	2019-05-20 11:57:09 +02:00
W.C.A. Wijngaards	310396190b	- Fix #31 : swig 4.0 and python module.	2019-05-16 11:06:01 +02:00
W.C.A. Wijngaards	a08fe8ca60	- Attempt to fix malformed tcp response.	2019-05-13 15:39:59 +02:00
W.C.A. Wijngaards	a95f5fd5cb	- Squelch log messages from tcp send about connection reset by peer. They can be enabled with verbosity at higher values for diagnosing network connectivity issues.	2019-05-13 10:39:39 +02:00
W.C.A. Wijngaards	a922a19d70	- Revert fix for oss-fuzz, error is in that build script that unconditionally includes .o files detected by configure, also when the machine architecture uses different LIBOBJS files.	2019-05-09 17:07:01 +02:00
W.C.A. Wijngaards	a8d0177b36	- Attempt to fix build failure in oss-fuzz because of reallocarray. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14648. Does not omit compile flags from commandline.	2019-05-08 14:43:56 +02:00
W.C.A. Wijngaards	779b86fb22	- Fix doxygen output error on readme markdown vignettes.	2019-05-07 16:11:15 +02:00
W.C.A. Wijngaards	e3453711e5	- Fix edns-subnet locks, in error cases the lock was not unlocked.	2019-05-07 16:10:22 +02:00
W.C.A. Wijngaards	f1c23891ab	- Fix #30 : AddressSanitizer finding in lookup3.c. This sets the hash function to use a slower but better auditable code that does not read beyond array boundaries. This makes code better security checkable, and is better for security. It is fixed to be slower, but not read outside of the array.	2019-05-06 09:44:01 +02:00
W.C.A. Wijngaards	9b7843f879	- Fix #29 : Solaris 11.3 and missing symbols be64toh, htobe64.	2019-05-06 09:26:23 +02:00
Kevin Chu	56af87e2f3	edit config parser to support ipset	2019-05-03 17:45:34 +08:00
W.C.A. Wijngaards	bd5eeff364	- And gitignore unit test generated files, and generated doc files.	2019-05-02 16:14:03 +02:00
W.C.A. Wijngaards	2fea5663bd	- Fix .gitignore, add pythonmod and dnstap generated files.	2019-05-02 16:01:56 +02:00
W.C.A. Wijngaards	f46c238552	- contrib/fastrpz.patch updated for code changes, and with git diff.	2019-05-02 11:17:41 +02:00
W.C.A. Wijngaards	ee0087d5c7	- PR #16 : XoT support, AXFR over TLS Turn it on with master: <ip>#<authname> in unbound.conf. This uses TLS to download the AXFR (or IXFR).	2019-05-01 16:41:09 +02:00
Willem Toorop	d4f697f160	Merge branch 'master' into features/XoT	2019-05-01 16:24:52 +02:00
W.C.A. Wijngaards	5c5ddbe859	- Nicer travis output for clang analysis.	2019-05-01 13:34:45 +02:00
W.C.A. Wijngaards	c6db87d81d	- Update makedist for git.	2019-05-01 12:27:19 +02:00
Wouter Wijngaards	ff026a1f3c	Merge branch 'master' into features/XoT	2019-04-29 10:32:27 +02:00
W.C.A. Wijngaards	af11b54071	Review changes for the XoT branch With doc, SSL setup function, and function parameter doc.	2019-04-29 10:25:19 +02:00
Wouter Wijngaards	2a78803049	- Fix wrong query name in local zone redirect answers with a CNAME, the copy of the local alias is in unpacked form. git-svn-id: file:///svn/unbound/trunk@5175 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-25 14:07:42 +00:00
Ralph Dolmans	edf1ad369a	- Scrub RRs from answer section when reusing NXDOMAIN message for subdomain answers. - For harden-below-nxdomain: do not consider a name to be non-exitent when message contains a CNAME record. git-svn-id: file:///svn/unbound/trunk@5174 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-18 15:09:15 +00:00
Wouter Wijngaards	99f36a4e1e	- travis build file. git-svn-id: file:///svn/unbound/trunk@5162 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-18 09:30:35 +00:00
Wouter Wijngaards	61a28c2ee5	- iana portlist updated. git-svn-id: file:///svn/unbound/trunk@5161 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-16 13:21:22 +00:00
Wouter Wijngaards	2552a81b40	- Better braces in if statement in TCP fastopen code. git-svn-id: file:///svn/unbound/trunk@5160 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-16 12:53:50 +00:00
Wouter Wijngaards	ab6f1d0fc7	- Fix tls write event for read state change to re-call SSL_write and not resume the TLS handshake. git-svn-id: file:///svn/unbound/trunk@5159 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-15 11:52:21 +00:00
Wouter Wijngaards	c8a56bfa8f	- Squelch SSL read and write connection reset by peer and broken pipe messages. Verbosity 2 and higher enables them. git-svn-id: file:///svn/unbound/trunk@5158 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-11 15:04:32 +00:00
George Thessalonikefs	d1150541bb	- Update python documentation for init_standard(). - Typos. git-svn-id: file:///svn/unbound/trunk@5157 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-11 15:03:04 +00:00
Wouter Wijngaards	c6369e9ffa	- Fix that auth zone fails over to next master for timeout in tcp. git-svn-id: file:///svn/unbound/trunk@5155 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-11 13:41:53 +00:00
Wouter Wijngaards	474afc9016	- Fix that auth zone uses correct network type for sockets for SOA serial probes. This fixes that probes fail because earlier probe addresses are unreachable. git-svn-id: file:///svn/unbound/trunk@5154 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-11 08:00:33 +00:00
Wouter Wijngaards	bd3c02bd59	- Fix to wipe ssl ticket keys from memory with explicit_bzero, if available. git-svn-id: file:///svn/unbound/trunk@5153 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-08 14:42:08 +00:00
Wouter Wijngaards	32b1d900ff	Add explanation to changelog. git-svn-id: file:///svn/unbound/trunk@5152 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-08 14:36:00 +00:00
Wouter Wijngaards	4eac399dfd	- Fix #17 : Add python module example from Jan Janak, that is a plugin for the Unbound DNS resolver to resolve DNS records in multicast DNS [RFC 6762] via Avahi. git-svn-id: file:///svn/unbound/trunk@5151 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-08 14:34:58 +00:00
Wouter Wijngaards	c26fc84945	- verbose information about auth zone lookup process, also lookup start, timeout and fail. git-svn-id: file:///svn/unbound/trunk@5150 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-08 12:42:09 +00:00
Wouter Wijngaards	2b47ca080e	- Fix to use event_assign with libevent for thread-safety. git-svn-id: file:///svn/unbound/trunk@5149 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-08 11:02:34 +00:00
Wouter Wijngaards	348cbab016	- Fix to reinit event structure for accepted TCP (and TLS) sockets. git-svn-id: file:///svn/unbound/trunk@5148 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-05 14:11:28 +00:00
Wouter Wijngaards	a777329b7f	- Fix spelling error in log output for event method. git-svn-id: file:///svn/unbound/trunk@5147 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-04 14:28:39 +00:00
Wouter Wijngaards	ce8167a3bb	- Fix auth-zone NSEC3 response for wildcard nodata answers, include the closest encloser in the answer. git-svn-id: file:///svn/unbound/trunk@5146 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-03 06:36:40 +00:00
Wouter Wijngaards	937523285a	- Move goto label in answer_from_cache to the end of the function where it is more visible. git-svn-id: file:///svn/unbound/trunk@5145 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-03 05:32:28 +00:00
Wouter Wijngaards	8a0de6b519	- Fix for auth zone nsec3 ent fix for wildcard nodata. git-svn-id: file:///svn/unbound/trunk@5144 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-02 14:28:36 +00:00
Wouter Wijngaards	e338143639	- Fix for out of bounds integers, thanks to OSTIF audit. It is in allocation debug code. git-svn-id: file:///svn/unbound/trunk@5143 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-02 12:28:20 +00:00
Wouter Wijngaards	59570b0413	- Fix auth-zone NSEC3 response for empty nonterminals with exact match nsec3 records. git-svn-id: file:///svn/unbound/trunk@5142 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-04-02 12:21:41 +00:00
Wouter Wijngaards	78adebf8ec	- Fix crash if tls-servic-pem not filled in when necessary. git-svn-id: file:///svn/unbound/trunk@5141 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-25 08:51:17 +00:00
Wouter Wijngaards	b75c37252c	- Fix that tls-session-ticket-keys: "" on its own in unbound.conf disables the tls session ticker key calls into the OpenSSL API. git-svn-id: file:///svn/unbound/trunk@5140 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-25 08:47:14 +00:00
Wouter Wijngaards	296f28e8d0	- Fix #4240 : Fix whitespace cleanup in example.conf. git-svn-id: file:///svn/unbound/trunk@5139 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-21 12:14:20 +00:00
Wouter Wijngaards	83e2cade5b	- add type CAA to libpyunbound (accessing libunbound from python). git-svn-id: file:///svn/unbound/trunk@5138 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-19 12:14:52 +00:00
Wouter Wijngaards	ce0628ee55	- Fix #4239 : set NOTIMPL when deny-any is enabled, for RFC8482. git-svn-id: file:///svn/unbound/trunk@5137 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-18 09:26:06 +00:00
Wouter Wijngaards	bb5251da66	- Add log message, at verbosity 4, that says the query is encrypted with TLS, if that is enabled for the query. git-svn-id: file:///svn/unbound/trunk@5136 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-18 08:41:39 +00:00
Wouter Wijngaards	bfd0c5ec85	1.9.1 on 12 March 2019. Trunk has 1.9.2 in development. git-svn-id: file:///svn/unbound/trunk@5135 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-12 09:33:18 +00:00
Wouter Wijngaards	8092cd6331	- Fix for #4233 : guard use of NDEBUG, so that it can be passed in CFLAGS into configure. git-svn-id: file:///svn/unbound/trunk@5133 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-07 08:34:00 +00:00
Wouter Wijngaards	7105ea9293	- Tag release 1.9.1rc1. git-svn-id: file:///svn/unbound/trunk@5132 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-05 08:48:15 +00:00
Philipp Serr	bfae29866b	Document how to configure multiple python modules	2019-03-02 14:32:49 +01:00
Wouter Wijngaards	16cc196bf2	- output forwarder log in ssl_req_order test. git-svn-id: file:///svn/unbound/trunk@5130 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-03-01 12:38:53 +00:00
Wouter Wijngaards	a82c0eeece	- Print correct module that failed when module-config is wrong. git-svn-id: file:///svn/unbound/trunk@5128 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-28 09:56:45 +00:00
Wouter Wijngaards	a62c1135fe	- Remove memory leak on pythonmod python2 script file init. - Remove swig gcc8 python function cast warnings, they are ignored. git-svn-id: file:///svn/unbound/trunk@5127 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-28 09:12:54 +00:00
Wouter Wijngaards	7c1f9699d8	- Fix for python module on Windows, fix fopen. git-svn-id: file:///svn/unbound/trunk@5125 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-27 14:14:08 +00:00
Wouter Wijngaards	33a814683b	- Fix #14 : contrib/unbound.init: Fix wrong comparison judgment before copying. git-svn-id: file:///svn/unbound/trunk@5124 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-27 06:58:10 +00:00
Wouter Wijngaards	beebe5ba0c	- Fix #4229 : Unbound man pages lack information, about access-control order and local zone tags, and elements in views. git-svn-id: file:///svn/unbound/trunk@5123 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-27 06:56:21 +00:00
Wouter Wijngaards	225534e5ab	- Fix #4227 : pair event del and add for libevent for tcp_req_info. git-svn-id: file:///svn/unbound/trunk@5122 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-25 15:48:27 +00:00
Wouter Wijngaards	3599fd9c60	- In man page and example config explain that most modules have to be listed at the start of module-config. git-svn-id: file:///svn/unbound/trunk@5121 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-21 10:03:11 +00:00
Wouter Wijngaards	5b162ead92	- In example.conf explain where to put cachedb module in module-config. git-svn-id: file:///svn/unbound/trunk@5120 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-21 09:48:38 +00:00
Wouter Wijngaards	62428e17f6	- Fix the error for unknown module in module-config is understandable, and explains it was not compiled in and where to see the list. git-svn-id: file:///svn/unbound/trunk@5119 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-21 09:40:25 +00:00
Wouter Wijngaards	079253670e	- Fix pythonmod include and sockaddr_un ifdefs for compile on Windows, and for libunbound. git-svn-id: file:///svn/unbound/trunk@5118 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-20 15:19:58 +00:00
Wouter Wijngaards	91e863138b	- Print query name and IP address when domain rate limit exceeded. git-svn-id: file:///svn/unbound/trunk@5117 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-18 15:53:02 +00:00
Wouter Wijngaards	d1e92a0ebd	- Spaces instead of tabs in that log message. git-svn-id: file:///svn/unbound/trunk@5116 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-18 12:32:42 +00:00
Wouter Wijngaards	3949bf2c82	- Print query name with ip_ratelimit exceeded log lines. git-svn-id: file:///svn/unbound/trunk@5115 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-18 10:40:41 +00:00
Wouter Wijngaards	a41375411e	- Fix capsforid canonical sort qsort callback. git-svn-id: file:///svn/unbound/trunk@5114 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-14 08:16:15 +00:00
Wouter Wijngaards	030832cf12	- make depend, with newer gcc, nicer layout. git-svn-id: file:///svn/unbound/trunk@5113 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-11 10:02:45 +00:00
Wouter Wijngaards	49a36d98bb	- Fix #13 : Remove left-over requirements on OpenSSL >= 1.1.0 for cert name matching, from man page. git-svn-id: file:///svn/unbound/trunk@5112 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-11 09:59:47 +00:00
Wouter Wijngaards	19193fd534	- Fix recursion lame test for qname minimisation asked queries, that were not present in the set of prepared answers. git-svn-id: file:///svn/unbound/trunk@5110 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-11 09:49:13 +00:00
Wouter Wijngaards	4e249c96e8	- Note default for module-config in man page. git-svn-id: file:///svn/unbound/trunk@5109 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-11 08:53:59 +00:00
Wouter Wijngaards	cae8361dcd	- Fix #4225 : clients seem to erroneously receive no answer with DNS-over-TLS and qname-minimisation. git-svn-id: file:///svn/unbound/trunk@5108 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-08 15:05:24 +00:00
Wouter Wijngaards	429e130768	- Fix that qname minimisation does not skip a label when missing nameserver targets need to be fetched. git-svn-id: file:///svn/unbound/trunk@5107 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-08 13:30:51 +00:00
Wouter Wijngaards	20d57ec58b	- Fix #4206 : OpenSSL 1.0.2 hostname verification for FreeBSD 11.2. git-svn-id: file:///svn/unbound/trunk@5106 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-07 08:34:28 +00:00
Wouter Wijngaards	64c4e69b07	Release version numbers. git-svn-id: file:///svn/unbound/trunk@5102 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-05 08:17:36 +00:00
Wouter Wijngaards	99994a26b0	- Perform canonical sort for 0x20 capsforid compare of replies, this sorts rrsets in the authority and additional section before comparison, so that out of order rrsets do not cause failure. git-svn-id: file:///svn/unbound/trunk@5100 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-04 15:22:08 +00:00
Wouter Wijngaards	fe97f25b75	- Fix that log-replies prints the correct name for local-alias names, for names that have a CNAME in local-data configuration. It logs the original query name, not the target of the CNAME. - Add local-zone type inform_redirect, which logs like type inform, and redirects like type redirect. git-svn-id: file:///svn/unbound/trunk@5099 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-02-04 09:51:27 +00:00
Wouter Wijngaards	281030d576	- Wipe TLS session key data from memory on exit. git-svn-id: file:///svn/unbound/trunk@5098 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 15:25:27 +00:00
Wouter Wijngaards	8992e8c91f	note ticker number. git-svn-id: file:///svn/unbound/trunk@5097 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 12:35:33 +00:00
Wouter Wijngaards	8cf5eae166	- Fix OpenSSL without ENGINE support compilation. git-svn-id: file:///svn/unbound/trunk@5095 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 11:34:11 +00:00
Wouter Wijngaards	df8f236b62	- For openssl 1.0.2 use the CRYPTO_THREADID locking callbacks, still supports the set_id_callback previous API. And for 1.1.0 no locking callbacks are needed. git-svn-id: file:///svn/unbound/trunk@5094 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 11:31:55 +00:00
Wouter Wijngaards	273ff1201b	- fixed pkg-config operations, PKG_PROG_PKG_CONFIG moved out of conditional section, fixes systemd builds, from Enrico Scholz. git-svn-id: file:///svn/unbound/trunk@5093 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 10:21:54 +00:00
Wouter Wijngaards	91f585ed38	- improve documentation for forward-first. git-svn-id: file:///svn/unbound/trunk@5092 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 09:37:06 +00:00
Wouter Wijngaards	b9b226bdea	- improve documentation for tls-service-key. git-svn-id: file:///svn/unbound/trunk@5091 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 09:22:48 +00:00
Wouter Wijngaards	8fffdca2a6	- Set ub_ctx_set_tls call signature in ltrace config file for libunbound in contrib/libunbound.so.conf. git-svn-id: file:///svn/unbound/trunk@5090 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-31 09:16:15 +00:00
Ralph Dolmans	723845b350	- Fix case in which query timeout can result in marking delegation as edns_lame_known. git-svn-id: file:///svn/unbound/trunk@5089 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-30 13:44:19 +00:00
Wouter Wijngaards	31b677b35f	- Fix locking for libunbound context setup with broken port config. git-svn-id: file:///svn/unbound/trunk@5088 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-29 16:07:07 +00:00
Wouter Wijngaards	c2e3baa81a	- Fix #4224 : auth_xfr_notify.rpl test broken due to typo git-svn-id: file:///svn/unbound/trunk@5087 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-29 14:37:35 +00:00
Wouter Wijngaards	7273b35243	- Fix spelling of tls-ciphers in example.conf.in. git-svn-id: file:///svn/unbound/trunk@5086 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-29 12:43:56 +00:00
Wouter Wijngaards	dfe8e0dfa2	- set version to 1.9.0 for release. git-svn-id: file:///svn/unbound/trunk@5084 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-29 08:07:50 +00:00
Wouter Wijngaards	7ad8ffccf5	- List example config for root zone copy locally hosted with auth-zone as suggested from draft-ietf-dnsop-7706-bis-02. But with updated B root address. git-svn-id: file:///svn/unbound/trunk@5083 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-28 08:49:12 +00:00
Wouter Wijngaards	065c7c5dd8	- List d.root-servers.net as a host that allows AXFR in example.conf config file, as suggested from draft-ietf-dnsop-7706-bis-02. git-svn-id: file:///svn/unbound/trunk@5082 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-28 08:39:50 +00:00
Wouter Wijngaards	71744b8bb2	- Set build system for added call in the libunbound API. git-svn-id: file:///svn/unbound/trunk@5081 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-28 08:26:10 +00:00
Wouter Wijngaards	3d2dfc4769	- ub_ctx_set_tls call for libunbound that enables DoT for the machines set with ub_ctx_set_fwd. Patch from Florian Obser. git-svn-id: file:///svn/unbound/trunk@5080 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-28 08:22:08 +00:00
Wouter Wijngaards	5e4f0d65ce	Fix year on recent commit messages. git-svn-id: file:///svn/unbound/trunk@5079 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-25 16:19:37 +00:00
Wouter Wijngaards	aae44940c7	- output of newer lex 2.6.1 and bison 3.0.5. git-svn-id: file:///svn/unbound/trunk@5078 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-25 13:00:09 +00:00
Wouter Wijngaards	062c2cacfc	- remove compile warnings from libnettle compile. git-svn-id: file:///svn/unbound/trunk@5077 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-25 12:58:06 +00:00
Wouter Wijngaards	ce65cdde71	- no lock when threads disabled in tcp request buffer count. git-svn-id: file:///svn/unbound/trunk@5076 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-25 12:54:40 +00:00
Wouter Wijngaards	b005fcd87b	- updated contrib/fastrpz.patch to cleanly diff. git-svn-id: file:///svn/unbound/trunk@5075 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-25 12:50:45 +00:00
Wouter Wijngaards	f11d6653d6	- Fix that tcp for auth zone and outgoing does not remove and then gets the ssl read again applied to the deleted commpoint. git-svn-id: file:///svn/unbound/trunk@5074 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-25 12:46:15 +00:00
Wouter Wijngaards	20d5e35576	- Moved includes and make depend. git-svn-id: file:///svn/unbound/trunk@5073 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-24 16:10:05 +00:00
Wouter Wijngaards	3028fa50a8	- Patch from Florian Obser fixes some compiler warnings: include mini_event.h to have a prototype for mini_ev_cmp include edns.h to have a prototype for apply_edns_options sldns_wire2str_edns_keepalive_print is only called in the wire2str, module declare it static to get rid of compiler warning: no previous prototype for function infra_find_ip_ratedata() is only called in the infra module, declare it static to get rid of compiler warning: no previous prototype for function do not shadow local variable buf in authzone auth_chunks_delete and az_nsec3_findnode are only called in the authzone module, declare them static to get rid of compiler warning: no previous prototype for function... copy_rrset() is only called in the respip module, declare it static to get rid of compiler warning: no previous prototype for function 'copy_rrset' no need for another variable "r"; gets rid of compiler warning: declaration shadows a local variable in libunbound.c no need for another variable "ns"; gets rid of compiler warning: declaration shadows a local variable in iterator.c git-svn-id: file:///svn/unbound/trunk@5072 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-24 16:05:00 +00:00
Wouter Wijngaards	d48abb9a84	clang analysis fixes, assert arc4random buffer in init, no check for already checked delegation pointer in iterator, in testcode check for NULL packet matches, in perf do not copy from NULL start list when growing capacity. Adjust host and file only when present in test header read to please checker. In testcode for unknown macro operand give zero result. Initialise the passed argv array in test code. In test code add EDNS data segment copy only when nonempty. git-svn-id: file:///svn/unbound/trunk@5070 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-24 11:55:10 +00:00
Wouter Wijngaards	37361a1d10	- Fix unit test for python 3.7 new keyword 'async'. git-svn-id: file:///svn/unbound/trunk@5069 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-24 09:37:57 +00:00
Wouter Wijngaards	299cc0c689	- Newer aclocal and libtoolize used for generating configure scripts, aclocal 1.16.1 and libtoolize 2.4.6. git-svn-id: file:///svn/unbound/trunk@5068 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-24 08:57:47 +00:00
Wouter Wijngaards	649e265d6f	- Fix for IXFR fallback to reset counter when IXFR does not timeout. git-svn-id: file:///svn/unbound/trunk@5066 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 11:52:17 +00:00
Wouter Wijngaards	68a57554a6	For TLS session keys, keep config options in order read from file to keep the first one as the first one. git-svn-id: file:///svn/unbound/trunk@5064 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 10:41:03 +00:00
Wouter Wijngaards	d3f397c686	More fixes, statistic counter at end of struct for backwards compatibility, man page, free at exit, indent. git-svn-id: file:///svn/unbound/trunk@5062 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 10:19:04 +00:00
Wouter Wijngaards	011a7d8830	- Fixes for patch (includes, declarations, warnings). git-svn-id: file:///svn/unbound/trunk@5060 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 09:43:47 +00:00
Wouter Wijngaards	510606dd1c	- Patch for TLS session resumption from Manabu Sonoda, enable with tls-session-ticket-keys in unbound.conf. git-svn-id: file:///svn/unbound/trunk@5059 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 09:35:52 +00:00
Wouter Wijngaards	4e59c8344f	- Fix configure to detect SSL_CTX_set_ciphersuites, for better library compatibility when compiling. git-svn-id: file:///svn/unbound/trunk@5058 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 08:57:49 +00:00
Wouter Wijngaards	5d82b7c421	- Fixes for the patch, and man page entry. git-svn-id: file:///svn/unbound/trunk@5055 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 08:45:16 +00:00
Wouter Wijngaards	8ae9f26bce	- Patch from Manabu Sonoda with tls-ciphers and tls-ciphersuites options for unbound.conf. git-svn-id: file:///svn/unbound/trunk@5054 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-23 08:37:00 +00:00
Wouter Wijngaards	55f560a3ca	- Fix that auth zone after IXFR fallback tries the same master. git-svn-id: file:///svn/unbound/trunk@5053 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-22 15:44:09 +00:00
Wouter Wijngaards	51caffb454	- Fix for #4219 : secondaries not updated after serial change, unbound falls back to AXFR after IXFR gives several timeout failures. git-svn-id: file:///svn/unbound/trunk@5052 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-22 15:36:58 +00:00
Wouter Wijngaards	8b18d1a0a4	- unbound-control stats has mem.streamwait that counts TCP and TLS waiting result buffers. git-svn-id: file:///svn/unbound/trunk@5050 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-22 13:20:06 +00:00
Wouter Wijngaards	dec68aa9a9	- Doc for stream-wait-size and unit test. git-svn-id: file:///svn/unbound/trunk@5048 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-22 08:52:23 +00:00
Wouter Wijngaards	c10712a82b	- Fix space calculation for tcp req buffer size. git-svn-id: file:///svn/unbound/trunk@5047 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-22 08:27:49 +00:00
Wouter Wijngaards	d81e2c654f	- Add stream-wait-size: 4m config option to limit the maximum memory used by waiting tcp and tls stream replies. This avoids a denial of service where these replies use up all of the memory. git-svn-id: file:///svn/unbound/trunk@5046 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-21 16:20:14 +00:00
Wouter Wijngaards	be4583ac84	- Fix that multiple dns fragments can be carried in one TLS frame. git-svn-id: file:///svn/unbound/trunk@5043 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-21 13:41:13 +00:00
Wouter Wijngaards	068374740c	- Unit tests for ssl out of order processing. git-svn-id: file:///svn/unbound/trunk@5042 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-21 13:26:21 +00:00
Wouter Wijngaards	f7d63b0927	- Unit test for tcp request reorder and timeouts. git-svn-id: file:///svn/unbound/trunk@5041 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-21 13:04:08 +00:00
Wouter Wijngaards	9087b18234	- Fix tcp idle timeout test, for difference in the tcp reply code. git-svn-id: file:///svn/unbound/trunk@5040 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-21 09:36:01 +00:00
Wouter Wijngaards	19a3907657	- increase mesh max activation count for capsforid long fetches. git-svn-id: file:///svn/unbound/trunk@5039 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-17 08:58:09 +00:00
Wouter Wijngaards	762920232a	- For caps-for-id fallback, use the whitelist to avoid timeout starting a fallback sequence for it. git-svn-id: file:///svn/unbound/trunk@5038 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-17 08:50:25 +00:00
Ralph Dolmans	f30fe71395	- Get ready for the DNS flag day: remove EDNS lame procedure, do not re-query without EDNS after timeout. git-svn-id: file:///svn/unbound/trunk@5037 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-16 10:23:13 +00:00
Wouter Wijngaards	0d2efc3f3f	- Review fixes in out of order processing. git-svn-id: file:///svn/unbound/trunk@5035 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-15 10:27:00 +00:00
Wouter Wijngaards	bb480068fa	- In the out of order processing, reset byte count for (potential) partial read. git-svn-id: file:///svn/unbound/trunk@5034 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-15 09:24:00 +00:00
Wouter Wijngaards	ae9fe1a10e	- streamtcp option -a send queries consecutively and prints answers as they arrive. - Fix for out of order processing administration quit cleanup. - unit test for tcp out of order processing. git-svn-id: file:///svn/unbound/trunk@5033 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-14 15:52:50 +00:00
Wouter Wijngaards	dd19026e91	- Initial commit for out-of-order processing for TCP and TLS. git-svn-id: file:///svn/unbound/trunk@5032 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-11 14:12:27 +00:00
Wouter Wijngaards	42d2c04ae1	- Log query name for looping module errors. git-svn-id: file:///svn/unbound/trunk@5031 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-09 13:57:14 +00:00
Wouter Wijngaards	db2557826a	- Fix NSEC3 record that is returned in wildcard replies from auth-zone zones with NSEC3 and wildcards. git-svn-id: file:///svn/unbound/trunk@5030 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-08 14:39:31 +00:00
Wouter Wijngaards	11d98df304	- Fix syntax in comment of local alias processing. git-svn-id: file:///svn/unbound/trunk@5029 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-08 13:29:38 +00:00
Wouter Wijngaards	ec84fd2ca6	- Add contrib/unbound-fuzzme.patch from Jacob Hoffman-Andrews, the patch adds a program used for fuzzing. git-svn-id: file:///svn/unbound/trunk@5028 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-07 15:01:24 +00:00
Wouter Wijngaards	fe6eb5f665	- Document interaction between the tls-upstream option in the server section and forward-tls-upstream option in the forward-zone sections. git-svn-id: file:///svn/unbound/trunk@5027 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-07 10:52:08 +00:00
Wouter Wijngaards	90b00dfe57	- On FreeBSD warn if systcl settings do not allow server TCP FASTOPEN, and server tcp fastopen is enabled at compile time. git-svn-id: file:///svn/unbound/trunk@5026 be551aaa-1e26-0410-a405-d3ace91eadb9	2019-01-07 09:06:41 +00:00
Wouter Wijngaards	023411f975	- Fix for crash in dns64 module if response is null. git-svn-id: file:///svn/unbound/trunk@5025 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-12 16:03:05 +00:00
Wouter Wijngaards	9c2a45c59e	svn trunk 1.8.2, Which became 1.8.3 on 11 december with only the dns64 fix of 6 dec. Trunk then became 1.8.4 in development. git-svn-id: file:///svn/unbound/trunk@5020 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-11 09:44:16 +00:00
Wouter Wijngaards	1b72e814e7	- Fixup openssl 1.0.2 compile git-svn-id: file:///svn/unbound/trunk@5019 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-10 14:36:43 +00:00
Wouter Wijngaards	71b078611f	- Fix #4206 : support openssl 1.0.2 for TLS hostname verification, alongside the 1.1.0 and later support that is already there. git-svn-id: file:///svn/unbound/trunk@5018 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-10 14:27:24 +00:00
Wouter Wijngaards	6b8e316663	- Fix for FreeBSD port make with dnscrypt and dnstap enabled. git-svn-id: file:///svn/unbound/trunk@5016 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-10 10:41:33 +00:00
Wouter Wijngaards	21d03697ca	- ip-ratelimit-factor of 1 allows all traffic through, instead of the previous blocking everything. git-svn-id: file:///svn/unbound/trunk@5015 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-10 09:38:50 +00:00
Wouter Wijngaards	4c7f824e0a	- Fix config parser memory leaks. git-svn-id: file:///svn/unbound/trunk@5014 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-10 09:27:49 +00:00
Wouter Wijngaards	42244e1b4d	- Fix dns64 allocation in wrong region for returned internal queries. git-svn-id: file:///svn/unbound/trunk@5013 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-06 08:04:37 +00:00
Wouter Wijngaards	2981adac66	trunk has 1.8.3 in development. git-svn-id: file:///svn/unbound/trunk@5012 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-04 09:30:03 +00:00
Wouter Wijngaards	91971db3d0	And document. git-svn-id: file:///svn/unbound/trunk@5009 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-03 14:56:12 +00:00
Wouter Wijngaards	198a7ce74d	- cache-max-ttl also defines upperbound of initial TTL in response. git-svn-id: file:///svn/unbound/trunk@5007 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-03 14:50:47 +00:00
Wouter Wijngaards	a9b7194485	- Fix icon, no ragged edges and nicer resolutions available, for eg. Win 7 and Windows 10 display. git-svn-id: file:///svn/unbound/trunk@5001 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-12-03 08:30:55 +00:00
Wouter Wijngaards	2ad55ba791	- log-tag-queryreply: yes in unbound.conf tags the log-queries and log-replies in the log file for easier log filter maintenance. git-svn-id: file:///svn/unbound/trunk@5000 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-30 09:45:37 +00:00
Wouter Wijngaards	ac8dc59341	- Patch for typo in unbound.conf man page. git-svn-id: file:///svn/unbound/trunk@4999 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-30 08:33:50 +00:00
Wouter Wijngaards	c1c1cd97e7	- Remove clang analysis warnings. git-svn-id: file:///svn/unbound/trunk@4998 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-29 14:39:26 +00:00
Wouter Wijngaards	b23c373f4d	- Refuse to start with no ports. git-svn-id: file:///svn/unbound/trunk@4997 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-29 14:26:16 +00:00
Wouter Wijngaards	81ded6124d	- Fix that unbound-checkconf does not complains if the config file is not placed inside the chroot. git-svn-id: file:///svn/unbound/trunk@4995 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-29 12:55:13 +00:00
Wouter Wijngaards	c417f733af	- tag for 1.8.2rc1. git-svn-id: file:///svn/unbound/trunk@4994 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-29 09:27:19 +00:00
Wouter Wijngaards	63dcbe3d75	- Fix chroot auth-zone fix to remove chroot prefix. git-svn-id: file:///svn/unbound/trunk@4992 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-29 08:27:47 +00:00
Wouter Wijngaards	fb342b73d3	- iana portlist updated. git-svn-id: file:///svn/unbound/trunk@4991 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-29 08:27:22 +00:00
Wouter Wijngaards	cccb5094a4	- Fix clang analysis for outside directory build test. git-svn-id: file:///svn/unbound/trunk@4990 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-28 13:34:31 +00:00
Wouter Wijngaards	3330d5296c	- Fix leak in chroot fix for auth-zone. git-svn-id: file:///svn/unbound/trunk@4989 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-28 12:37:52 +00:00
Wouter Wijngaards	f95f98b12a	- Update contrib fastrpz patch for latest release. git-svn-id: file:///svn/unbound/trunk@4988 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 15:47:52 +00:00
Wouter Wijngaards	ca33c52086	- Fix windows compile for new rrset roundrobin fix. git-svn-id: file:///svn/unbound/trunk@4986 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 13:35:29 +00:00
Wouter Wijngaards	aba3ba738f	- Put new logos into windows installer. git-svn-id: file:///svn/unbound/trunk@4985 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 13:24:40 +00:00
Wouter Wijngaards	60da4369a4	- stat count SERVFAIL downstream auth-zone queries for expired zones. git-svn-id: file:///svn/unbound/trunk@4984 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 12:42:59 +00:00
Wouter Wijngaards	b04e84ab9e	- auth-zone give SERVFAIL when expired, fallback activates when expired, and this is documented in the man page. git-svn-id: file:///svn/unbound/trunk@4983 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 12:31:37 +00:00
Wouter Wijngaards	d96de4c222	- New and better fix for Fix #4193 : Fix that prefetch failure does not overwrite valid cache entry with SERVFAIL. git-svn-id: file:///svn/unbound/trunk@4982 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 10:56:45 +00:00
Wouter Wijngaards	0ff5c52657	- Fix #4208 : 'stub-no-cache' and 'forward-no-cache' not work. git-svn-id: file:///svn/unbound/trunk@4981 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 10:29:14 +00:00
Wouter Wijngaards	94996b8a29	- Fix DNS64 to not store intermediate results in cache, this avoids other threads from picking up the wrong data. The module restores the previous no_cache_store setting when the the module is finished. git-svn-id: file:///svn/unbound/trunk@4979 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-27 08:43:38 +00:00
Wouter Wijngaards	59e6f149a7	- Fix that unbound-control can send file for view_local_datas. git-svn-id: file:///svn/unbound/trunk@4978 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-26 13:55:36 +00:00
Wouter Wijngaards	470806b097	- Add unbound-control view_local_datas command, like local_datas. git-svn-id: file:///svn/unbound/trunk@4977 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-26 13:37:23 +00:00
Wouter Wijngaards	8fcc82171a	- Fix #4193 : Fix that prefetch failure does not overwrite valid cache entry with SERVFAIL. git-svn-id: file:///svn/unbound/trunk@4976 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-26 10:25:50 +00:00
Wouter Wijngaards	4d5b32ee59	- Fix to not set GLOB_NOSORT so the unbound.conf include: files are sorted and in a predictable order. git-svn-id: file:///svn/unbound/trunk@4975 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-26 09:54:34 +00:00
Wouter Wijngaards	816aa50dfc	- make depend. git-svn-id: file:///svn/unbound/trunk@4974 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 15:57:15 +00:00
Wouter Wijngaards	068c52d8f5	- Fix that empty zonefile means the zonefile is not set and not used. git-svn-id: file:///svn/unbound/trunk@4973 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 15:55:18 +00:00
Wouter Wijngaards	692caffe2c	- auth zone zonefiles can be in a chroot, the chroot directory components are removed before use. git-svn-id: file:///svn/unbound/trunk@4972 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 15:51:09 +00:00
Wouter Wijngaards	c97bb52d77	- Fix #4209 : Crash in libunbound when called from getdns. git-svn-id: file:///svn/unbound/trunk@4971 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 15:07:30 +00:00
Wouter Wijngaards	d21cb609a8	- review fixes for python module. git-svn-id: file:///svn/unbound/trunk@4969 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 13:31:21 +00:00
Wouter Wijngaards	de0b6da9f4	- ignore debug python module for test in doxygen output. git-svn-id: file:///svn/unbound/trunk@4967 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 13:05:26 +00:00
Wouter Wijngaards	5853f90076	- With ./configure --with-pyunbound --with-pythonmodule PYTHON_VERSION=3.6 or with 2.7 unbound can compile and unit tests succeed for the python module. - pythonmod logs the python error and traceback on failure. git-svn-id: file:///svn/unbound/trunk@4966 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-22 13:01:29 +00:00
Wouter Wijngaards	7458729d28	- Scrub NS records from NODATA responses as well. git-svn-id: file:///svn/unbound/trunk@4964 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-21 06:37:00 +00:00
Wouter Wijngaards	7acf6a4a66	- Removed compile warnings in pythonmod sockaddr routines. git-svn-id: file:///svn/unbound/trunk@4963 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-20 12:28:09 +00:00
Wouter Wijngaards	04d73b9192	- Add patch from Jan Vcelak for pythonmod, add sockaddr_storage getters, add support for query callbacks, allow raw address access via comm_reply and update API documentation. git-svn-id: file:///svn/unbound/trunk@4962 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-20 12:24:40 +00:00
Wouter Wijngaards	f7e99131b9	- Scrub NS records from NXDOMAIN responses to stop fragmentation poisoning of the cache. git-svn-id: file:///svn/unbound/trunk@4961 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-20 09:44:40 +00:00
Wouter Wijngaards	069b0b8c90	- Support SO_REUSEPORT_LB in FreeBSD 12 with the so-reuseport: yes option in unbound.conf. git-svn-id: file:///svn/unbound/trunk@4960 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-19 09:36:27 +00:00
Ralph Dolmans	640d1cf929	- Bugfix min-client-subnet-ipv6 git-svn-id: file:///svn/unbound/trunk@4958 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-11-06 09:44:10 +00:00
Wouter Wijngaards	c9955f9fdf	- Fix #4152 : Logs shows wrong time when using log-time-ascii: yes. git-svn-id: file:///svn/unbound/trunk@4957 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 13:52:13 +00:00
Wouter Wijngaards	9a877e0e9a	- remade makefile dependencies. (note the make depend just done). git-svn-id: file:///svn/unbound/trunk@4956 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 09:31:25 +00:00
Wouter Wijngaards	fd5e4e6019	- Fix #4126 : RTT_band too low on VSAT links with 600+ms latency, adds the option unknown-server-time-limit to unbound.conf that can be increased to avoid the problem. git-svn-id: file:///svn/unbound/trunk@4954 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 09:21:41 +00:00
Wouter Wijngaards	8e2a100460	- Fix #4132 : Openness/closeness of RANGE intervals in rpl files. git-svn-id: file:///svn/unbound/trunk@4953 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 09:01:53 +00:00
Ralph Dolmans	359dcc3c5c	Document min-client-subnet-ipv4/6 default value git-svn-id: file:///svn/unbound/trunk@4952 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 08:55:55 +00:00
Ralph Dolmans	6021341118	- Add min-client-subnet-ipv6 and min-client-subnet-ipv4 options. git-svn-id: file:///svn/unbound/trunk@4951 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 08:53:50 +00:00
Wouter Wijngaards	d5922830d0	- Fix #4141 : More randomness to rrset-roundrobin. git-svn-id: file:///svn/unbound/trunk@4950 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 08:26:40 +00:00
Wouter Wijngaards	23505d30a5	- Fix #4190 : Please create a "ANY" deny option, adds the option deny-any: yes in unbound.conf. This responds with an empty message to queries of type ANY. git-svn-id: file:///svn/unbound/trunk@4949 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 08:07:37 +00:00
Wouter Wijngaards	20f0e8ad55	- Fix #4191 : NXDOMAIN vs SERVFAIL during dns64 PTR query. git-svn-id: file:///svn/unbound/trunk@4947 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-25 07:45:00 +00:00
Ralph Dolmans	140a165ab2	- Add markdel function to ECS slabhash. - Limit ECS scope returned to client to the scope used for caching. - Make lint like previous #4154 fix. git-svn-id: file:///svn/unbound/trunk@4946 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-24 13:50:18 +00:00
Wouter Wijngaards	5fec1c8b1f	- Fix #4154 : make ECS_MAX_TREESIZE configurable, with the max-ecs-tree-size-ipv4 and max-ecs-tree-size-ipv6 options. git-svn-id: file:///svn/unbound/trunk@4945 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-22 14:54:28 +00:00
Wouter Wijngaards	84a8415357	- check that the dnstap socket file can be opened and exists, print error if not. git-svn-id: file:///svn/unbound/trunk@4943 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-22 10:17:38 +00:00
Wouter Wijngaards	6429b5c298	- Fix #4192 : unbound-control-setup generates keys not readable by group. git-svn-id: file:///svn/unbound/trunk@4942 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-22 10:07:13 +00:00
Ralph Dolmans	6b5e7d78e3	- Change fast-server-num default to 3. git-svn-id: file:///svn/unbound/trunk@4941 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-22 09:36:36 +00:00
Ralph Dolmans	02bd3e2ff1	- Add fast-server-permil and fast-server-num options. - Deprecate low-rtt and low-rtt-permil options. git-svn-id: file:///svn/unbound/trunk@4938 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-08 16:03:46 +00:00
Wouter Wijngaards	2d28fba3bf	- Squelch log of failed to tcp initiate after TCP Fastopen failure. git-svn-id: file:///svn/unbound/trunk@4937 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-08 13:27:53 +00:00
Wouter Wijngaards	19aed2dcb1	Trunk has 1.8.2 in development. git-svn-id: file:///svn/unbound/trunk@4936 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-08 12:09:44 +00:00
Wouter Wijngaards	eed1e0789a	- fastrpz.patch fix included. git-svn-id: file:///svn/unbound/trunk@4935 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-08 10:33:09 +00:00
Wouter Wijngaards	837565c505	- iana port update. git-svn-id: file:///svn/unbound/trunk@4933 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-05 15:18:08 +00:00
Wouter Wijngaards	fece182cf5	- Set default for so-reuseport to no for FreeBSD. It is enabled by default for Linux and DragonFlyBSD. The setting can be configured in unbound.conf to override the default. git-svn-id: file:///svn/unbound/trunk@4932 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-05 15:07:19 +00:00
Wouter Wijngaards	945452bff4	- Squelch EADDRNOTAVAIL errors when the interface goes away, this omits 'can't assign requested address' errors unless verbosity is set to a high value. git-svn-id: file:///svn/unbound/trunk@4931 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-05 06:29:05 +00:00
Wouter Wijngaards	1c08a2ba55	- clang analyze test is used only when assertions are enabled. git-svn-id: file:///svn/unbound/trunk@4930 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 12:42:50 +00:00
Wouter Wijngaards	d967ceb98b	Remove that fix, analyzer is for debug with assertions. - Fix clang analyzer for optimize compile analysis. git-svn-id: file:///svn/unbound/trunk@4929 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 12:32:33 +00:00
Wouter Wijngaards	a3c3e13b2f	remove unused diagnostic pragmas that themselves generate warnings git-svn-id: file:///svn/unbound/trunk@4928 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 12:17:40 +00:00
Wouter Wijngaards	2598f9bb18	line fixup git-svn-id: file:///svn/unbound/trunk@4926 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 12:13:19 +00:00
Wouter Wijngaards	99a92b3483	- Fix testlock code to set noreturn on error routine. git-svn-id: file:///svn/unbound/trunk@4923 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 10:53:40 +00:00
Wouter Wijngaards	c85ff492d0	- Fix clang analyzer for optimize compile analysis. git-svn-id: file:///svn/unbound/trunk@4922 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 10:51:05 +00:00
Wouter Wijngaards	b09cfb8fb1	- dnscrypt.c removed sizeof to get array bounds. git-svn-id: file:///svn/unbound/trunk@4921 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-02 10:47:12 +00:00
Wouter Wijngaards	885069e1f6	- tag for release 1.8.1rc1. git-svn-id: file:///svn/unbound/trunk@4918 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-01 11:28:05 +00:00
Wouter Wijngaards	077b38e2c5	note down that memory leak #4149 is fixed. git-svn-id: file:///svn/unbound/trunk@4917 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-10-01 09:36:15 +00:00
Wouter Wijngaards	9be04e6fac	- Fix #4188 : IPv6 forwarders without ipv6 result in SERVFAIL, fixes qname minimisation with a forwarder when connectivity has issues from rejecting responses. git-svn-id: file:///svn/unbound/trunk@4916 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-27 08:19:29 +00:00
Wouter Wijngaards	377d5b426a	- Add SSL cleanup for tcp timeout. git-svn-id: file:///svn/unbound/trunk@4915 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-25 09:01:13 +00:00
Wouter Wijngaards	f82a128909	- Perform TLS SNI indication of the host that is being contacted for DNS over TLS service. It sets the configured tls auth name. This is useful for hosts that apart from the DNS over TLS services also provide other (web) services. git-svn-id: file:///svn/unbound/trunk@4914 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-25 08:31:42 +00:00
Wouter Wijngaards	216759e955	- Fix #4156 : Fix systemd service manager state change notification. git-svn-id: file:///svn/unbound/trunk@4913 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-17 12:30:22 +00:00
Wouter Wijngaards	9b6caf5a5b	- Fix that with harden-below-nxdomain and qname minisation enabled some iterator states for nonresponsive domains can get into a state where they waited for an empty list. - Stop UDP to TCP failover after timeouts that causes the ping count to be reset by the TCP time measurement (that exists for TLS), because that causes the UDP part to not be measured as timeout. git-svn-id: file:///svn/unbound/trunk@4912 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-17 11:25:52 +00:00
Wouter Wijngaards	5089db7331	- Fix unbound for openssl in FIPS mode, it uses the digests with the EVP call contexts. git-svn-id: file:///svn/unbound/trunk@4908 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-17 07:28:55 +00:00
Wouter Wijngaards	8e20d628e8	- Fix compile on Mac for unbound, provide explicit_bzero when libc does not have it. git-svn-id: file:///svn/unbound/trunk@4907 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-17 07:06:57 +00:00
Wouter Wijngaards	d275505df6	- annotate exit functions with noreturn in unbound-control. git-svn-id: file:///svn/unbound/trunk@4906 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 14:43:43 +00:00
Wouter Wijngaards	f7516e6b2b	- nicer bio free code in unbound-anchor. git-svn-id: file:///svn/unbound/trunk@4905 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 12:49:37 +00:00
Wouter Wijngaards	898d4c8dd9	- Fix memory leak when message parse fails partway through copy. - remove unused udpsize assignment in message encode. git-svn-id: file:///svn/unbound/trunk@4904 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 12:30:44 +00:00
Wouter Wijngaards	2e9d09b961	- initialize statistics totals for printout. - in authzone check that node exists before adding rrset. - in unbound-anchor, use readwrite memory BIO. - assertion in autotrust that packed rrset is formed correctly. git-svn-id: file:///svn/unbound/trunk@4903 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 12:20:41 +00:00
Wouter Wijngaards	8dd6efe5ed	- remove unused variable assignment from iterator scrub routine. - check for null in delegation point during iterator refetch in forward zone. - neater pointer cast in libunbound context quit routine. git-svn-id: file:///svn/unbound/trunk@4902 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 10:36:22 +00:00
Wouter Wijngaards	635df9c806	- unit test has clang analysis. git-svn-id: file:///svn/unbound/trunk@4901 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 10:24:08 +00:00
Wouter Wijngaards	75b8b8c875	- Free memory leak in config strlist append. - make sure nsec3 comparison salt is initialized. git-svn-id: file:///svn/unbound/trunk@4900 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 10:23:30 +00:00
Wouter Wijngaards	fe8b22caa1	- in testcode, free async ids, initialise array, and check for null pointer during test of the test. And use exit for return to note irregular program stop. git-svn-id: file:///svn/unbound/trunk@4897 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 09:45:07 +00:00
Wouter Wijngaards	9a82526b91	- exit log routine is annotated as noreturn function. - free memory leaks in config strlist and str2list insert functions. - do not move unused argv variable after getopt. - Remove unused if clause in testcode. git-svn-id: file:///svn/unbound/trunk@4896 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 08:58:21 +00:00
Wouter Wijngaards	225a6d9c6e	- Fix seed for random backup code to use explicit zero when wiped. git-svn-id: file:///svn/unbound/trunk@4895 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-13 07:49:51 +00:00
Wouter Wijngaards	87c8dd5434	- Fix initialisation in remote.c git-svn-id: file:///svn/unbound/trunk@4894 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-11 14:11:50 +00:00
Wouter Wijngaards	a09c4bbdc2	- Fix spelling errors. git-svn-id: file:///svn/unbound/trunk@4893 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-11 13:28:21 +00:00
Wouter Wijngaards	d01651c305	- Fix to squelch respip warning in unit test, it is printed at higher verbosity settings. git-svn-id: file:///svn/unbound/trunk@4892 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-11 13:24:31 +00:00
Wouter Wijngaards	00982fc3db	- Fixed unused return value warnings in contrib/fastrpz.patch for asprintf. git-svn-id: file:///svn/unbound/trunk@4891 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-11 13:19:55 +00:00
Wouter Wijngaards	d8f890a43a	- iana port update. git-svn-id: file:///svn/unbound/trunk@4890 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-10 12:35:01 +00:00
Wouter Wijngaards	a58681a718	1.8.1 in svn trunk. git-svn-id: file:///svn/unbound/trunk@4889 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-10 12:32:28 +00:00
Wouter Wijngaards	c9d33fb9f7	1.8.0 release. git-svn-id: file:///svn/unbound/trunk@4888 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-10 12:30:29 +00:00
Wouter Wijngaards	254df71810	- Fix spelling error in header, from getdns commit by Andreas Gelmini. git-svn-id: file:///svn/unbound/trunk@4886 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-05 05:33:38 +00:00
Ralph Dolmans	987c1c97e5	- More explicitly mention the type of ratelimit when applying ip-ratelimit. git-svn-id: file:///svn/unbound/trunk@4884 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-04 09:16:07 +00:00
Wouter Wijngaards	25c8497ba6	- Tag for 1.8.0rc1 release. git-svn-id: file:///svn/unbound/trunk@4882 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-09-04 07:15:06 +00:00
Wouter Wijngaards	5577e55400	- Disable minimal-responses in subnet unit tests. git-svn-id: file:///svn/unbound/trunk@4881 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-31 14:59:10 +00:00
Wouter Wijngaards	30a14c2716	- Fix that a local-zone with a local-zone-type that is transparent in a view with view-first, makes queries check for answers from the local-zones defined outside of views. git-svn-id: file:///svn/unbound/trunk@4879 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-30 09:06:07 +00:00
Ralph Dolmans	2e5e31e8ac	- Added serve-expired-ttl and serve-expired-ttl-reset options. git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-28 14:21:56 +00:00
Ralph Dolmans	ae2653fcc5	- Disable minimal-responses in ipsecmod unit tests. git-svn-id: file:///svn/unbound/trunk@4875 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-28 14:11:21 +00:00
Wouter Wijngaards	f7118f29b9	- Fix lintflags for lint on FreeBSD. git-svn-id: file:///svn/unbound/trunk@4874 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-27 13:42:27 +00:00
Wouter Wijngaards	8d14e7c0a4	- next release is called 1.8.0. git-svn-id: file:///svn/unbound/trunk@4872 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-27 13:20:12 +00:00
Wouter Wijngaards	e0745813f4	- Set defaults to yes for a number of options to increase speed and resilience of the server. The so-reuseport, harden-below-nxdomain, and minimal-responses options are enabled by default. They used to be disabled by default, waiting to make sure they worked. They are enabled by default now, and can be disabled explicitly by setting them to "no" in the unbound.conf config file. The reuseport and minimal options increases speed of the server, and should be otherwise harmless. The harden-below-nxdomain option works well together with the recently default enabled qname minimisation, this causes more fetches to use information from the cache. git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-27 13:18:19 +00:00
George Thessalonikefs	0171d06aa2	- #4140 : Expose repinfo (comm_reply) to the inplace_callbacks. This gives access to reply information for the client's communication point when the callback is called before the mesh state (modules). Changes to C and Python's inplace_callback signatures were also necessary. git-svn-id: file:///svn/unbound/trunk@4870 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-22 10:51:13 +00:00
Wouter Wijngaards	4daf8f5bdb	- Fix only misc failure from log-servfail when val-log-level is not enabled. git-svn-id: file:///svn/unbound/trunk@4869 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-21 14:31:37 +00:00
Wouter Wijngaards	00ba747be7	- #4146 : num.query.subnet and num.query.subnet_cache counters. git-svn-id: file:///svn/unbound/trunk@4867 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-21 14:14:28 +00:00
Wouter Wijngaards	504ef71975	and documentation. git-svn-id: file:///svn/unbound/trunk@4866 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-21 07:14:48 +00:00
Wouter Wijngaards	01d8dc2240	- log-local-actions: yes option for unbound.conf that logs all the local zone actions, a patch from Saksham Manchanda (Secure64). git-svn-id: file:///svn/unbound/trunk@4864 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-21 07:10:09 +00:00
Wouter Wijngaards	4fe427ded2	- log-servfail: yes prints log lines that say why queries are returning SERVFAIL to clients. git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-17 15:22:05 +00:00
Wouter Wijngaards	e8c4f20f66	- added more servfail printout statements, to the iterator. git-svn-id: file:///svn/unbound/trunk@4861 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-17 15:01:35 +00:00
Wouter Wijngaards	8385c462ed	- print servfail info to log as error. git-svn-id: file:///svn/unbound/trunk@4859 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-17 13:29:27 +00:00
Ralph Dolmans	afd4063f20	- Fix classification for QTYPE=CNAME queries when QNAME minimisation is enabled. git-svn-id: file:///svn/unbound/trunk@4858 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-17 12:48:47 +00:00
Wouter Wijngaards	ed24498f2e	- Set libunbound to increase current, because the libunbound change to the event callback function signature. That needs programs, that use it, to recompile against the new header definition. git-svn-id: file:///svn/unbound/trunk@4857 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-17 09:07:06 +00:00
Wouter Wijngaards	f2b12c0761	- Fix contrib/fastrpz.patch. git-svn-id: file:///svn/unbound/trunk@4856 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-16 10:29:00 +00:00
Wouter Wijngaards	df85836b15	- Fix warning on compile without threads. git-svn-id: file:///svn/unbound/trunk@4855 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-16 10:28:11 +00:00
Wouter Wijngaards	1958d9fbd5	- Fix segfault in auth-zone read and reorder of RRSIGs. git-svn-id: file:///svn/unbound/trunk@4853 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-15 09:26:13 +00:00
Wouter Wijngaards	0c04b5eaf5	- Upgraded crosscompile script to include libunbound DLL in the zipfile. git-svn-id: file:///svn/unbound/trunk@4852 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-14 14:52:09 +00:00
Wouter Wijngaards	8e5a32f4dc	- Fix that printout of error for cycle targets is a verbosity 4 printout and does not wrongly print it is a memory error. git-svn-id: file:///svn/unbound/trunk@4851 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-14 07:27:57 +00:00
Wouter Wijngaards	efe5c8e6be	- Fix #4144 : dns64 module caches wrong (negative) information. git-svn-id: file:///svn/unbound/trunk@4850 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-10 08:03:17 +00:00
Wouter Wijngaards	8b1012613e	documentation. git-svn-id: file:///svn/unbound/trunk@4847 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-09 12:48:33 +00:00
Wouter Wijngaards	256ab3d935	- Patch for stub-no-cache and forward-no-cache options that disable caching for the contents of that stub or forward, for when you want immediate changes visible, from Bjoern A. Zeeb. git-svn-id: file:///svn/unbound/trunk@4846 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-09 12:44:40 +00:00
Wouter Wijngaards	be79ffa371	- document --enable-subnet in doc/README. git-svn-id: file:///svn/unbound/trunk@4844 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-09 08:48:04 +00:00
Wouter Wijngaards	d2f7999b4e	- unbound-checkconf checks if modules exist and prints if they are not compiled in the name of the wrong module. git-svn-id: file:///svn/unbound/trunk@4842 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-09 08:33:56 +00:00
Wouter Wijngaards	611e37aa2d	(On the patch) - make depend, yacc, lex, doc, headers. And log the limit exceeded message only on high verbosity, so as to not spam the logs when it is busy. git-svn-id: file:///svn/unbound/trunk@4841 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-07 12:48:49 +00:00
Ralph Dolmans	3f2d186694	- Make capsforid fallback QNAME minimisation aware. git-svn-id: file:///svn/unbound/trunk@4840 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-07 12:43:49 +00:00
Wouter Wijngaards	73f01304f0	tcp-connection-limit in example config. git-svn-id: file:///svn/unbound/trunk@4839 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-07 12:28:57 +00:00
Wouter Wijngaards	586b811b87	- Patch to implement tcp-connection-limit from Jim Hague (Sinodun). This limits the number of simultaneous TCP client connections from a nominated netblock. And a simple test for TCP connection limit. git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-07 11:57:42 +00:00
Wouter Wijngaards	070019c9be	- Fix #4142 : unbound.service.in: improvements and fixes. Add unit dependency ordering (based on systemd-resolved). Add 'CAP_SYS_RESOURCE' to 'CapabilityBoundingSet' (fixes warnings about missing privileges during startup). Add 'AF_INET6' to 'RestrictAddressFamilies' (without it IPV6 can't work). From Guido Shanahan. git-svn-id: file:///svn/unbound/trunk@4834 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-07 08:30:22 +00:00
Wouter Wijngaards	cf1bfbba5d	test post hook. git-svn-id: file:///svn/unbound/trunk@4832 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-06 07:41:41 +00:00
Wouter Wijngaards	a4fd088875	change for post hook git-svn-id: file:///svn/unbound/trunk@4831 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-06 07:30:11 +00:00
Wouter Wijngaards	27023b3f21	- Fix for #4136 : Fix to unconditionally call destroy in daemon.c. git-svn-id: file:///svn/unbound/trunk@4830 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-06 07:18:05 +00:00
George Thessalonikefs	749d1b9ebc	- Expose if a query (or a subquery) was ratelimited (not src IP ratelimiting) to libunbound under 'ub_result.was_ratelimited'. This also introduces a change to 'ub_event_callback_type' in libunbound/unbound-event.h. - Tidy pylib tests. git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-03 14:00:46 +00:00
Wouter Wijngaards	87bdb489f9	- New fix for #4136 : This one ignores lex without without yylex_destroy. git-svn-id: file:///svn/unbound/trunk@4827 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-03 11:10:55 +00:00
Wouter Wijngaards	37e9f5591a	- Revert previous change for #4136 : because it introduces build problems. git-svn-id: file:///svn/unbound/trunk@4826 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-03 09:47:53 +00:00
Wouter Wijngaards	d546e7766d	- iana port list update. git-svn-id: file:///svn/unbound/trunk@4825 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-01 14:07:54 +00:00
Wouter Wijngaards	62f69f9b40	- Fix to remove systemd sockaddr function check, that is not always present. Make socket activation more lenient. But not different when socket activation is not used. git-svn-id: file:///svn/unbound/trunk@4824 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-08-01 13:49:27 +00:00
Wouter Wijngaards	168bc963d3	edns keepalive in example.conf git-svn-id: file:///svn/unbound/trunk@4823 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 13:59:34 +00:00
Wouter Wijngaards	c887ae1022	- Fix #4139 : Fix unbound-host leaks memory on ANY. git-svn-id: file:///svn/unbound/trunk@4821 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 11:58:19 +00:00
Wouter Wijngaards	a2961e50fb	For windows portability, example.conf documentation. git-svn-id: file:///svn/unbound/trunk@4817 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 10:24:09 +00:00
Wouter Wijngaards	cc538f4f9f	- Please doxygen so it passes. git-svn-id: file:///svn/unbound/trunk@4813 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 08:10:20 +00:00
Wouter Wijngaards	45e73bcc8e	Insert comments for documentation purposes. git-svn-id: file:///svn/unbound/trunk@4811 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:55:47 +00:00
Wouter Wijngaards	2f32ef7646	Another patch from Jim Hague: - Fix 'make depend' to work when build dir is not project root. git-svn-id: file:///svn/unbound/trunk@4809 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:27:16 +00:00
Wouter Wijngaards	b7abbd1d72	- Fix mesh.c incompatible pointer pass. - yacc and lex. git-svn-id: file:///svn/unbound/trunk@4808 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:23:58 +00:00
Wouter Wijngaards	f364edafd3	- From Wouter: make depend, the dependencies in the patches did not apply cleanly. git-svn-id: file:///svn/unbound/trunk@4807 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:21:39 +00:00
Wouter Wijngaards	e3f08cb2a2	- Implement progressive backoff of TCP idle/keepalive timeout. git-svn-id: file:///svn/unbound/trunk@4806 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:20:15 +00:00
Wouter Wijngaards	a92b00ef3c	- Correct and expand manual page entries for keepalive and idle timeout. git-svn-id: file:///svn/unbound/trunk@4805 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:19:26 +00:00
Wouter Wijngaards	3dbdde7fed	- Add edns-tcp-keepalive and edns-tcp-keepalive timeout options and implement option in client responses. git-svn-id: file:///svn/unbound/trunk@4804 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:18:34 +00:00
Wouter Wijngaards	007123ee2c	- Sort out test runs when the build directory isn't the project root directory. - Add config tcp-idle-timeout (default 30s). This applies to client connections only; the timeout on TCP connections upstream is unaffected. git-svn-id: file:///svn/unbound/trunk@4802 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-31 07:15:12 +00:00
Wouter Wijngaards	10c085f81d	- Fix #4136 : insufficiency from mismatch of FLEX capability between released tarball and build host. git-svn-id: file:///svn/unbound/trunk@4801 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-30 09:58:05 +00:00
Wouter Wijngaards	1d315e11cf	- Fix man page, say that chroot is enabled by default. git-svn-id: file:///svn/unbound/trunk@4800 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-27 09:19:57 +00:00
Wouter Wijngaards	c91b657a40	Attribute and put fix in section. git-svn-id: file:///svn/unbound/trunk@4799 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-26 07:10:24 +00:00
Wouter Wijngaards	60f59271d6	- Fix #4135 : 64-bit Windows Installer Creates Entries Under The Wrong Registry Key. git-svn-id: file:///svn/unbound/trunk@4798 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-26 06:59:57 +00:00
Wouter Wijngaards	40abe08ac8	- Fix use-systemd readiness signalling, only when use-systemd is yes and not in signal handler. git-svn-id: file:///svn/unbound/trunk@4797 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-23 13:05:39 +00:00
Wouter Wijngaards	aa5fb8b10b	- Fix #4131 : for solaris, error YY_CURRENT_BUFFER undeclared. git-svn-id: file:///svn/unbound/trunk@4795 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-20 11:53:57 +00:00
Wouter Wijngaards	bded93f69b	- Fix #4130 : print text describing -dd and unbound-checkconf on config file read error at startup, the errors may have been moved away by the startup process. git-svn-id: file:///svn/unbound/trunk@4792 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-20 05:42:38 +00:00
Wouter Wijngaards	38e77d50f2	- Fix #4129 unbound-control error message with wrong cert permissions is too cryptic. git-svn-id: file:///svn/unbound/trunk@4791 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-19 06:22:11 +00:00
Wouter Wijngaards	7579216922	- Resize ratelimit and ip-ratelimit caches if changed on reload. git-svn-id: file:///svn/unbound/trunk@4787 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-17 14:42:38 +00:00
Wouter Wijngaards	330c6e1cb0	- Fix that ratelimit and ip-ratelimit are applied after reload of git-svn-id: file:///svn/unbound/trunk@4786 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-17 14:27:44 +00:00
Wouter Wijngaards	cc5ab744c5	- Print error if SSL name verification configured but not available in the ssl library. git-svn-id: file:///svn/unbound/trunk@4784 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-17 12:26:32 +00:00
Wouter Wijngaards	0ae750e552	- Fix #4127 unbound -h does not list -p help. git-svn-id: file:///svn/unbound/trunk@4783 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-17 07:03:37 +00:00
Wouter Wijngaards	cabc120f22	for outgoing UDP sockets. git-svn-id: file:///svn/unbound/trunk@4782 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-16 10:30:44 +00:00
Wouter Wijngaards	c96c2d8a45	- Squelch can't bind socket errors with Permission denied unless verbosity is 4 or higher, for UDP sockets. git-svn-id: file:///svn/unbound/trunk@4781 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-16 10:27:12 +00:00
Wouter Wijngaards	8aa53f027d	- Fix qname minimisation NXDOMAIN validation lookup failures causing error_supers assertion fails. git-svn-id: file:///svn/unbound/trunk@4780 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-16 10:21:34 +00:00
Wouter Wijngaards	4bf9d12419	- Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more easily changed to adjust default rtt assumptions. git-svn-id: file:///svn/unbound/trunk@4779 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-12 14:15:03 +00:00
Wouter Wijngaards	f93746b1af	- Fix to improve systemd socket activation code file descriptor assignment. git-svn-id: file:///svn/unbound/trunk@4778 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-12 10:35:33 +00:00
Wouter Wijngaards	23dc22b78d	- Note in documentation that the cert name match code needs git-svn-id: file:///svn/unbound/trunk@4777 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-10 08:02:32 +00:00
Wouter Wijngaards	5e3c30beac	- Fix round robin for failed addresses with prefer-ip6: yes git-svn-id: file:///svn/unbound/trunk@4776 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-06 14:40:35 +00:00
Wouter Wijngaards	f2e90b0872	- Note RFC8162 support. SMIMEA record type can be read in by the zone record parser. git-svn-id: file:///svn/unbound/trunk@4774 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-06 12:06:05 +00:00
Wouter Wijngaards	1249e0db3f	- Note RFC8162 support. git-svn-id: file:///svn/unbound/trunk@4773 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-06 11:56:38 +00:00
Wouter Wijngaards	15c4dd79f4	- iana port update. git-svn-id: file:///svn/unbound/trunk@4772 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-06 06:48:44 +00:00
Wouter Wijngaards	e324a7819a	- Fix documentation ambiguity for tls-win-cert in tls-upstream and forward-tls-upstream docs. git-svn-id: file:///svn/unbound/trunk@4771 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-06 05:39:08 +00:00
Wouter Wijngaards	81e9f82a8d	- Fix #4112 : Fix that unbound-anchor -f /etc/resolv.conf will not pass if DNSSEC is not enabled. New option -R allows fallback from resolv.conf to direct queries. git-svn-id: file:///svn/unbound/trunk@4770 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-04 10:02:16 +00:00
Wouter Wijngaards	5d298ed474	- Fix permission denied printed for auth zone probe random port nrs. git-svn-id: file:///svn/unbound/trunk@4769 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-03 13:58:49 +00:00
Wouter Wijngaards	82e1e3959f	- Better documentation for unblock-lan-zones and insecure-lan-zones config statements. git-svn-id: file:///svn/unbound/trunk@4768 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-03 08:54:01 +00:00
Wouter Wijngaards	7181c0fa6a	- Update libunbound/python/examples/dnssec_test.py example code to also set the 20326 trust anchor for the root in the example code. git-svn-id: file:///svn/unbound/trunk@4767 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-02 14:46:31 +00:00
Wouter Wijngaards	49f27c06af	Note that fix works to decrease problem, and is included for next release. git-svn-id: file:///svn/unbound/trunk@4766 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-02 08:55:04 +00:00
Wouter Wijngaards	7247718e12	- Fix typo on man page in ip-address description. git-svn-id: file:///svn/unbound/trunk@4765 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-02 07:19:12 +00:00
Wouter Wijngaards	61acc76244	- Fix checking for libhiredis printout in configure output. git-svn-id: file:///svn/unbound/trunk@4764 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-07-02 07:09:30 +00:00
Wouter Wijngaards	2faa4f9ee2	And documentation. git-svn-id: file:///svn/unbound/trunk@4763 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-29 13:03:57 +00:00
Wouter Wijngaards	2beae211ee	- dns64-ignore-aaaa: config option to list domain names for which the existing AAAA is ignored and dns64 processing is used on the A record. git-svn-id: file:///svn/unbound/trunk@4762 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-29 12:58:52 +00:00
Wouter Wijngaards	d3ff7a9333	- log port number with err_addr logs. git-svn-id: file:///svn/unbound/trunk@4761 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-29 08:34:41 +00:00
Wouter Wijngaards	23df700f15	explain num.tcp and num.tls git-svn-id: file:///svn/unbound/trunk@4760 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-28 09:14:31 +00:00
Wouter Wijngaards	755233c720	- num.queries.tls counter for queries over TLS. git-svn-id: file:///svn/unbound/trunk@4759 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-28 08:15:47 +00:00
Wouter Wijngaards	bca54a8b25	- Patch, do not export python from pkg-config, from Petr Menšík. git-svn-id: file:///svn/unbound/trunk@4758 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-27 06:07:31 +00:00
Wouter Wijngaards	b5aab36d41	- #4109 : Fix that package config depends on python unconditionally. git-svn-id: file:///svn/unbound/trunk@4757 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-27 05:46:36 +00:00
Wouter Wijngaards	d7cfe91cb3	- Fix that auth-zone does not start the wait timer without checking if the wait timer has already been started. (the code is part of the previous commit). git-svn-id: file:///svn/unbound/trunk@4756 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-26 13:56:23 +00:00
Wouter Wijngaards	a31d45b13e	- Fix that auth-zone master reply with current SOA serial does not stop scan of masters for an updated zone. git-svn-id: file:///svn/unbound/trunk@4755 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-26 13:48:36 +00:00
Wouter Wijngaards	23f475bccc	- Tentative fix for permission denied on IPv6 address on FreeBSD. git-svn-id: file:///svn/unbound/trunk@4754 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-26 08:01:44 +00:00
Wouter Wijngaards	025fdd0049	Document behaviour. git-svn-id: file:///svn/unbound/trunk@4753 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-21 12:51:14 +00:00
Wouter Wijngaards	c225ced1a9	- Fix usage printout for unbound-host, hostname has to be last argument on BSDs and Windows. git-svn-id: file:///svn/unbound/trunk@4751 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-21 12:31:42 +00:00
Wouter Wijngaards	3a58ad15e8	Note contents of release 1.7.3 git-svn-id: file:///svn/unbound/trunk@4750 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-21 10:00:17 +00:00
Wouter Wijngaards	5106ad7a2c	- #4108 : systemd reload hang fix. git-svn-id: file:///svn/unbound/trunk@4747 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-21 07:11:12 +00:00
Wouter Wijngaards	8c044a616b	- Fix windows unbound-control no cert bad file descriptor error. git-svn-id: file:///svn/unbound/trunk@4746 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-19 13:13:35 +00:00
Wouter Wijngaards	5dfcf122d1	- Windows example service.conf edited with more windows specific configuration. git-svn-id: file:///svn/unbound/trunk@4744 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-19 09:57:39 +00:00
Wouter Wijngaards	7b092127cb	- Fix for unbound-control on Windows and set TCP socket parameters more closely. git-svn-id: file:///svn/unbound/trunk@4743 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-19 09:40:59 +00:00
Wouter Wijngaards	b26257248d	- Fix unbound-checkconf for control-use-cert. git-svn-id: file:///svn/unbound/trunk@4742 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-18 12:15:21 +00:00
Wouter Wijngaards	3c7d270958	Changelog note, fix is part of 1.7.3rc2. git-svn-id: file:///svn/unbound/trunk@4741 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-18 09:46:40 +00:00
Wouter Wijngaards	c15eae814f	- Fix that control-use-cert: no works for 127.0.0.1 to disable certs. git-svn-id: file:///svn/unbound/trunk@4738 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-18 09:04:35 +00:00
Wouter Wijngaards	0e72e06886	- Print warning when control-use-cert is used with an IP-address in unbound-control, and that TLS is enabled. git-svn-id: file:///svn/unbound/trunk@4737 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-18 08:40:30 +00:00
Wouter Wijngaards	abff4d1237	- unbound-control auth_zone_transfer _zone_ option starts the probe sequence for a master to transfer the zone from and transfers when a new zone version is available. git-svn-id: file:///svn/unbound/trunk@4736 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-15 15:01:31 +00:00
Wouter Wijngaards	386f23334b	- unbound-control auth_zone_reload _zone_ option rereads the zonefile. git-svn-id: file:///svn/unbound/trunk@4735 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-15 13:42:41 +00:00
Wouter Wijngaards	a523683d4c	- trunk has 1.7.4. git-svn-id: file:///svn/unbound/trunk@4734 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-15 11:55:23 +00:00
Wouter Wijngaards	b25332e1f4	- tag for 1.7.3rc1. git-svn-id: file:///svn/unbound/trunk@4732 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-15 05:38:39 +00:00
Wouter Wijngaards	a6ec2c6fc7	- Fix nettle compile. git-svn-id: file:///svn/unbound/trunk@4731 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-14 12:08:09 +00:00
Wouter Wijngaards	9cb404ba5f	- Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. git-svn-id: file:///svn/unbound/trunk@4730 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-14 08:14:43 +00:00
Wouter Wijngaards	12251022ec	- #4103 : Fix that auth-zone does not insist on SOA record first in file for url downloads. git-svn-id: file:///svn/unbound/trunk@4729 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-14 07:09:01 +00:00
Ralph Dolmans	00a0cabf7f	- Don't count CNAME response types received during qname minimisation as query restart. git-svn-id: file:///svn/unbound/trunk@4728 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-12 13:09:14 +00:00
Wouter Wijngaards	d65accbb23	- remade dependencies in the Makefile. git-svn-id: file:///svn/unbound/trunk@4725 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-12 12:23:56 +00:00
Wouter Wijngaards	78767f2014	- Fix buffer size warning in unit test. git-svn-id: file:///svn/unbound/trunk@4724 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-12 11:01:14 +00:00
Wouter Wijngaards	23edc18cac	- Rename tls-additional-ports to tls-additional-port, because every line adds one port. git-svn-id: file:///svn/unbound/trunk@4721 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-12 08:45:57 +00:00
Wouter Wijngaards	7fd32916e8	- #4102 for NSD, but for Unbound. Named unix pipes do not use certificate and key files, access can be restricted with file and directory permissions. The option control-use-cert is no longer used, and ignored if found in unbound.conf. git-svn-id: file:///svn/unbound/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-12 07:43:52 +00:00
Wouter Wijngaards	3f837bc440	trunk is 1.7.3 in development. git-svn-id: file:///svn/unbound/trunk@4717 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-11 10:05:03 +00:00
Wouter Wijngaards	f0769bed93	note OpenBSD accept4. git-svn-id: file:///svn/unbound/trunk@4716 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-11 09:08:41 +00:00
Wouter Wijngaards	a1bfc07105	- Patch to fix openwrt for mac os build darwin detection in configure. git-svn-id: file:///svn/unbound/trunk@4713 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-06 05:31:12 +00:00
Wouter Wijngaards	a4a5bfaa2f	- Fix crash if ratelimit taken into use with unbound-control instead of with unbound.conf. git-svn-id: file:///svn/unbound/trunk@4711 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-05 07:06:19 +00:00
Wouter Wijngaards	62ea384d19	accept4 also on OpenBSD git-svn-id: file:///svn/unbound/trunk@4710 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-05 06:59:05 +00:00
Wouter Wijngaards	7fae96eb1e	Track bug.nr 4100 git-svn-id: file:///svn/unbound/trunk@4708 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-04 12:50:32 +00:00
Wouter Wijngaards	d386641820	- Fix stub reprime when it becomes useless. git-svn-id: file:///svn/unbound/trunk@4707 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-04 12:28:33 +00:00
Wouter Wijngaards	7c5e38294a	- tag for 1.7.2rc1 git-svn-id: file:///svn/unbound/trunk@4705 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-04 10:40:47 +00:00
Wouter Wijngaards	1cadc5d677	- Fix deadlock caused by incoming notify for auth-zone. git-svn-id: file:///svn/unbound/trunk@4704 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-04 09:01:55 +00:00
Wouter Wijngaards	7509bf208e	- Rename additional-tls-port to tls-additional-ports. The older name is accepted for backwards compatibility. git-svn-id: file:///svn/unbound/trunk@4703 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-06-01 08:02:04 +00:00
Wouter Wijngaards	8d1af17449	- Patch from Syzdek: Add ability to ignore RD bit and treat all requests as if the RD bit is set. git-svn-id: file:///svn/unbound/trunk@4701 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-30 09:33:21 +00:00
Wouter Wijngaards	0db1573d34	- Fix that fallback for windows port. git-svn-id: file:///svn/unbound/trunk@4700 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-29 07:52:31 +00:00
Wouter Wijngaards	b3c45a8edb	- in compat/arc4random call getentropy_urandom when getentropy fails with ENOSYS. git-svn-id: file:///svn/unbound/trunk@4699 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-29 07:48:58 +00:00
Wouter Wijngaards	1a0bd1a150	- tls-win-cert option that adds the system certificate store for authenticating DNS-over-TLS connections. It can be used instead of the tls-cert-bundle option, or with it to add certificates. git-svn-id: file:///svn/unbound/trunk@4698 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-28 14:15:06 +00:00
Wouter Wijngaards	5a726fb61f	- Add routine from getdns to add windows cert store to the SSL_CTX. git-svn-id: file:///svn/unbound/trunk@4697 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-28 13:22:10 +00:00
Wouter Wijngaards	6792d2d036	- Fix windows tcp and tls spin on events. git-svn-id: file:///svn/unbound/trunk@4696 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-28 12:30:34 +00:00
Wouter Wijngaards	d32fb26adb	- Fix close events for tcp only. git-svn-id: file:///svn/unbound/trunk@4695 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-25 10:41:24 +00:00
Wouter Wijngaards	d4ba7731ad	- Fix that tcp sticky events are removed for closed fd on windows. git-svn-id: file:///svn/unbound/trunk@4694 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-25 10:02:06 +00:00
Wouter Wijngaards	b9607297e9	- For TCP and TLS connections that don't establish, perform address update in infra cache, so future selections can exclude them. git-svn-id: file:///svn/unbound/trunk@4693 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-25 06:21:39 +00:00
Wouter Wijngaards	9ed59fdf34	setup when ssl upstream or a cert-bundle is configured. git-svn-id: file:///svn/unbound/trunk@4692 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-24 13:03:10 +00:00
Wouter Wijngaards	6b28c8ace2	- unbound-host initializes ssl (for potential DNS-over-TLS usage inside libunbound). git-svn-id: file:///svn/unbound/trunk@4690 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-24 12:30:13 +00:00
Wouter Wijngaards	55088951c0	- Fix that windows unbound service can use DNS-over-TLS. git-svn-id: file:///svn/unbound/trunk@4689 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-24 09:23:24 +00:00
Wouter Wijngaards	d532c9913c	- Fix that libunbound can do DNS-over-TLS, when configured. git-svn-id: file:///svn/unbound/trunk@4687 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-24 08:57:37 +00:00
Wouter Wijngaards	261bf354b7	- Use accept4 to speed up incoming TCP (and TLS) connections, available on Linux and FreeBSD. git-svn-id: file:///svn/unbound/trunk@4686 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-23 13:55:09 +00:00
Ralph Dolmans	50b6dc4b81	- Qname minimisation default changed to yes. git-svn-id: file:///svn/unbound/trunk@4685 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-17 10:33:19 +00:00
Wouter Wijngaards	676644d8e8	- Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand. git-svn-id: file:///svn/unbound/trunk@4683 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-15 07:30:53 +00:00
Wouter Wijngaards	f64a897cbc	- Fix contrib/libunbound.pc for libssl libcrypto references, from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226914 git-svn-id: file:///svn/unbound/trunk@4682 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-11 11:52:19 +00:00
Wouter Wijngaards	8b209f8f68	- Fix mesh state assertion failure due to callback removal. git-svn-id: file:///svn/unbound/trunk@4681 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-07 11:29:12 +00:00
Wouter Wijngaards	16b6619dfa	- Fix windows to not have sticky TLS events for TCP. - Fix read of DNS over TLS length and data in one read call. git-svn-id: file:///svn/unbound/trunk@4680 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-07 08:31:17 +00:00
Wouter Wijngaards	8f886fc6dd	- Fix function type cast warning in libunbound context callback type. git-svn-id: file:///svn/unbound/trunk@4676 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-03 14:12:19 +00:00
Wouter Wijngaards	581f975b38	- Fix gcc 8 buffer warning in testcode. git-svn-id: file:///svn/unbound/trunk@4675 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-03 14:09:33 +00:00
Wouter Wijngaards	d2c8bcf318	- Fix that configure --with-libhiredis also turns on cachedb. git-svn-id: file:///svn/unbound/trunk@4674 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-03 09:59:18 +00:00
Wouter Wijngaards	ef1ed6365c	trunk has 1.7.2 in development git-svn-id: file:///svn/unbound/trunk@4673 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-03 07:59:09 +00:00
Wouter Wijngaards	6fefbb4115	- Fix fail to reject dead peers in forward-zone, with ssl-upstream. git-svn-id: file:///svn/unbound/trunk@4670 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-02 06:36:02 +00:00
Wouter Wijngaards	85bf0bd994	- Fix that unbound-control reload frees the rrset keys and returns the memory pages to the system. git-svn-id: file:///svn/unbound/trunk@4669 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-05-01 14:00:06 +00:00
Wouter Wijngaards	bffb7c52d5	- Fix spelling error in man page and note defaults as no instead of off. git-svn-id: file:///svn/unbound/trunk@4666 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-30 07:24:05 +00:00
Wouter Wijngaards	38c4d3d09d	- tag for 1.7.1rc1 release. git-svn-id: file:///svn/unbound/trunk@4664 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-26 07:18:42 +00:00
Wouter Wijngaards	2951f21dab	- Fix for crash in daemon_cleanup with dnstap during reload, from Saksham Manchanda. - Also that for dnscrypt. git-svn-id: file:///svn/unbound/trunk@4663 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-26 06:59:49 +00:00
Ralph Dolmans	d97a635084	- Fix memory leak when caching wildcard records for aggressive NSEC use git-svn-id: file:///svn/unbound/trunk@4662 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-25 13:13:05 +00:00
Wouter Wijngaards	583411768d	- Fix auth https for libev. git-svn-id: file:///svn/unbound/trunk@4660 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-24 15:13:18 +00:00
Wouter Wijngaards	a55df65bc9	- Fix contrib/fastrpz.patch for this release. git-svn-id: file:///svn/unbound/trunk@4659 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-24 14:26:21 +00:00
Ralph Dolmans	4d06c36342	- Added root-key-sentinel support git-svn-id: file:///svn/unbound/trunk@4652 be551aaa-1e26-0410-a405-d3ace91eadb9	2018-04-24 09:03:49 +00:00

... 13 14 15 16 17 ...

4611 commits