upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-23 15:12:55 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
7021 commits 24 branches 209 tags 131 MiB
Commit graph

4611 commits

Author SHA1 Message Date
Philip Homburg
7f67f7118c Change log entry for lines with blanks issue 2022-06-21 15:30:04 +02:00
George Thessalonikefs
7c9177095f - Remove unused LDNS function check for GOST Engine unloading. 2022-06-20 16:27:15 +02:00
George Thessalonikefs
233cb5c218 - Note in the unbound.conf text that NOTIFY is allowed from the url: 
addresses for auth and rpz zones.
 2022-06-14 17:59:56 +02:00
George Thessalonikefs
e6a0afae73 Changelog entry for #688 
- Merge PR #688: Rpz url notify issue.
 2022-06-14 17:56:23 +02:00
George Thessalonikefs
459b73018f - Fix for edns client subnet to respect not looking in its cache when 
instructed to do so (e.g., prefetch).
 2022-06-03 16:11:35 +02:00
W.C.A. Wijngaards
97b7224885 - makedist.sh picks up 32bit libssp-0.dll when 32bit compile. 2022-06-03 15:18:27 +02:00
W.C.A. Wijngaards
a3ab0921b0 Continue with 1.16.1 under development. 2022-06-02 13:56:52 +02:00
W.C.A. Wijngaards
edc1d07718 - Version is set to 1.16.0 for release. Release tag 1.16.0rc1. 2022-05-27 16:09:28 +02:00
W.C.A. Wijngaards
2d61706171 - Fix #684: [FTBS] configure script error with libmnl on openSUSE 15.3 (and possibly other distributions) 2022-05-27 09:10:16 +02:00
W.C.A. Wijngaards
11d077c826 - Fix some lint type warnings. 2022-05-20 15:32:27 +02:00
W.C.A. Wijngaards
d19d7b81ec - Fix ede test to not use default pidfile, and use local interface. 2022-05-20 15:14:11 +02:00
W.C.A. Wijngaards
714200ad0e - Fix to silence test for ede error output to the console from the 
test setup script.
 2022-05-20 09:08:29 +02:00
George Thessalonikefs
7e506bb477 - Fix typos in config_set_option for the 'num-threads' and 
'ede-serve-expired' options.
 2022-05-18 19:56:26 +03:00
George Thessalonikefs
f73e548934 - Fix #678: [FR] modify behaviour of unbound-control rpz_enable zone, 
by updating unbound-control's documentation.
 2022-05-15 22:53:17 +03:00
W.C.A. Wijngaards
e62b309959 - For #677: Added tls-system-cert to config parser and documentation. 
- Changelog note for #677.
 2022-05-12 16:30:19 +02:00
George Thessalonikefs
daf316ea1b - Fix #417: prefetch and ECS causing cache corruption when used 
together.
 2022-05-12 00:56:01 +02:00
W.C.A. Wijngaards
f0d91950ad - Fix #673: DNS over TLS: error: SSL_handshake syscall: No route to 
host.
 2022-05-11 17:10:42 +02:00
George Thessalonikefs
77149fc2aa - Fix Python build in non-source directory; based on patch by 
Michael Tokarev.
 2022-05-10 15:57:17 +02:00
tcarpay
47ce372f13
Changelog entry for #604: Add the basic EDE (RFC8914) cases 2022-05-06 12:53:49 +02:00
tcarpay
0ce36e8289
Add the basic EDE (RFC8914) cases (#604) 2022-05-06 12:48:53 +02:00
W.C.A. Wijngaards
b61b0af5d6 - Fix #670: SERVFAIL problems with unbound 1.15.0 running on 
OpenBSD 7.1.
 2022-04-28 14:51:47 +02:00
W.C.A. Wijngaards
1289c53c1a - Fix zonemd unsupported algo check to set reason to NULL before the 
check routine, but after malformed checks, to get the correct NULL
  output when the digest matches.
 2022-04-08 11:19:40 +02:00
W.C.A. Wijngaards
d02e83ae2b - Fix zonemd unsupported algo check to print unsupported reason before 
zeroing it.
 2022-04-08 11:10:11 +02:00
W.C.A. Wijngaards
8f2847ba69 - Fix zonemd unsupported algo check reason to not copy to next record, 
and check for success for debug printout.
 2022-04-08 10:54:57 +02:00
W.C.A. Wijngaards
730a03e9bd - Fix zonemd unsupported algo check. 2022-04-08 09:36:01 +02:00
W.C.A. Wijngaards
e4ca71e85b - Fix zonemd check to allow unsupported algorithms to load. 
If there are only unsupported algorithms, or unsupported schemes,
  and no failed or successful other ZONEMD records, or malformed
  or bad ZONEMD records, the unsupported records allow the zone load.
 2022-04-08 09:29:37 +02:00
W.C.A. Wijngaards
8f8a8a341a - Fix spelling error in comment in sldns_str2wire_svcparam_key_lookup. 2022-03-25 16:07:23 +01:00
W.C.A. Wijngaards
722391baf1 - Fix #651: [FR] Better logging for refused queries. 2022-03-23 13:56:52 +01:00
George Thessalonikefs
1e23c4a376 Merge PR #648 from eaglegai: fix -q doesn't work when use with 
'unbound-control stats_shm'
 2022-03-18 16:03:35 +02:00
W.C.A. Wijngaards
9484ddee2e - Fix to describe auth-zone and other configuration at the local-zone 
configuration option, to allow for more broadly view of the options.
 2022-03-17 14:24:37 +01:00
W.C.A. Wijngaards
402135b41a - Fix to ensure uniform handling of spaces and tabs when parsing RRs. 2022-03-16 09:54:53 +01:00
W.C.A. Wijngaards
b0dbfa37f9 Changelog note for #644, move commands together for library binary. 2022-03-09 09:43:07 +01:00
W.C.A. Wijngaards
62c5039ab9 - Fix configure for python to use sysutils, because distutils is 
deprecated. It uses sysutils when available, distutils otherwise.
 2022-03-07 14:02:31 +01:00
W.C.A. Wijngaards
b202b0874c - Fix for #637: fix integer overflow checks in sldns_str2period. 2022-03-03 16:24:46 +01:00
W.C.A. Wijngaards
debe5c665f - Fix #637: Integer Overflow in sldns_str2period function. 2022-03-03 14:19:59 +01:00
W.C.A. Wijngaards
f81420d77f - Fix compile warnings for printf ll format on mingw compile. 2022-03-02 14:34:36 +01:00
George Thessalonikefs
b8e7dfa01e - Various fixes for #632: variable initialisation, convert the qinfo 
to str once, accept trailing dot in the local-zone ipset option.
 2022-03-02 14:29:56 +01:00
George Thessalonikefs
f7ca447368 Changelog entry for #632 
- Merge PR #632 from scottrw93: Match cnames in ipset.
 2022-03-02 13:22:17 +01:00
W.C.A. Wijngaards
99a3f5ee85 - Fix pythonmod for change in iter_dp_is_useless function prototype. 2022-03-01 10:27:24 +01:00
W.C.A. Wijngaards
7749d98a14 - Fix for edns client subnet option add fix in removal code, from review. 2022-02-28 14:51:35 +01:00
W.C.A. Wijngaards
8e8ccfe3c3 - Fix edns client subnet to add the option based on the option list, 
so that it is not state dependent, after the state fix of #605 for
  double EDNS options.
 2022-02-28 14:39:48 +01:00
George Thessalonikefs
ad158ed5cc Changelog entry for #623: 
- Merge #623 from rex4539: Fix typos.
 2022-02-28 12:37:59 +01:00
George Thessalonikefs
82adcfb971 - Fix #630: Unify the RPZ log messages. 2022-02-28 12:07:25 +01:00
W.C.A. Wijngaards
6e64356175 - Fix for #633: updated fix with new text. 2022-02-28 09:56:30 +01:00
W.C.A. Wijngaards
e11cf2d964 - Fix #633: Document unix domain socket support for unbound-control. 2022-02-28 09:39:33 +01:00
W.C.A. Wijngaards
c084c27b39 - Fix check interface existence for support detection in remote lookup. 2022-02-25 15:24:40 +01:00
W.C.A. Wijngaards
2c3225e6c7 - update Makefile dependencies. 2022-02-25 10:29:33 +01:00
W.C.A. Wijngaards
4b772ed571 - Fix to detect that no IPv6 support means that IPv6 addresses are 
useless for delegation point lookups.
 2022-02-25 10:27:56 +01:00
W.C.A. Wijngaards
c4d8104db3 Changelog note for #631. 
- Merge #631 from mollyim: Replace OpenSSL's ERR_PACK with
  ERR_GET_REASON.
 2022-02-18 09:37:44 +01:00
W.C.A. Wijngaards
a746d9693a - Fix that address not available is squelched from the logs for 
udp connect failures. It is visible on verbosity 4 and more.
 2022-02-18 09:03:56 +01:00
W.C.A. Wijngaards
6de5310728 - Fix for #628: fix rpz-passthru for qname trigger by localzone type. 2022-02-16 09:51:25 +01:00
W.C.A. Wijngaards
2b90181d3a - Fix #628: A rpz-passthru action is not ending RPZ zone processing. 2022-02-15 16:20:12 +01:00
W.C.A. Wijngaards
91a5cc9a08 - Remove debug info from #618 fix. 2022-02-11 16:34:24 +01:00
W.C.A. Wijngaards
a0feea393a - Fix #618: enabling interface-automatic disables DNS-over-TLS. 
Adds the option to list interface-automatic-ports.
 2022-02-11 10:58:53 +01:00
W.C.A. Wijngaards
4c6b59fa47 - Fix #624: Unable to stop Unbound in Windows console (does not 
respond to CTRL+C command).
 2022-02-11 08:53:24 +01:00
W.C.A. Wijngaards
ed4ce7b398 Release 1.15.0 on 10 feb 2022. 
The repository continues with version 1.15.1.
And Changelog note.
 2022-02-10 09:54:51 +01:00
W.C.A. Wijngaards
58ac43c754 Note 1.15.0rc1 tag creation in Changelog. 
- Tag for 1.15.0rc1 created.
 2022-02-07 11:31:41 +01:00
W.C.A. Wijngaards
5f724da8c5 - Fix that TCP interface does not use TLS when TLS is also configured. 2022-02-07 09:31:10 +01:00
W.C.A. Wijngaards
c44fe07a07 - Fix #412: cache invalidation issue with CNAME+A. 2022-02-04 14:27:01 +01:00
W.C.A. Wijngaards
c29b0e0a96 - Fix for #611: Integer overflow in sldns_wire2str_pkt_scan. 2022-02-03 09:03:09 +01:00
W.C.A. Wijngaards
50a312b8da - Update contrib/aaaa-filter-iterator.patch with diff for current 
software version.
 2022-02-02 15:35:19 +01:00
W.C.A. Wijngaards
893fb4d54b - Fix docker splint test to use more portable uname. 2022-02-02 14:47:57 +01:00
W.C.A. Wijngaards
6bad577781 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-02-02 14:11:55 +01:00
W.C.A. Wijngaards
2642319ea6 - please clang analyzer for loop in test code. 2022-02-02 14:11:36 +01:00
George Thessalonikefs
d123e1c919 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-02-02 14:05:35 +01:00
George Thessalonikefs
c53171d942 - Changelog entry clarification. 2022-02-02 14:05:31 +01:00
W.C.A. Wijngaards
e656be63f9 - Fix header comment for doxygen for authextstrtoaddr. 2022-02-02 13:20:46 +01:00
W.C.A. Wijngaards
ee3c478239 - Update version number in repo to 1.15.0 for upcoming release, 
since it changes the aggressive-nsec default and the ratelimit change.
 2022-02-02 13:09:51 +01:00
George Thessalonikefs
b1feb9fb1e - Update stream_ssl.tdir test to also use the new forward-host notation. 2022-02-02 12:55:29 +01:00
George Thessalonikefs
819008cf7e - Merge PR #617: Update stub/forward-host notation to accept port and 
tls-auth-name.
 2022-02-02 11:57:36 +01:00
gthess
11f2e7e6ae
Merge pull request #617 from NLnetLabs/update-host-notation 
Update stub/forward-host notation to accept port and tls-auth-name
 2022-02-02 11:56:27 +01:00
gthess
414a37ed2b
Don't accidentaly introduce a troff macro 
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2022-02-02 11:53:38 +01:00
George Thessalonikefs
32c3bbd249 - Change aggressive-nsec default to yes. 2022-02-02 11:25:08 +01:00
George Thessalonikefs
c6b413069d Changelog entry for #616 
- Merge PR #616: Update ratelimit logic. It also introduces
  ratelimit-backoff and ip-ratelimit-backoff configuration options.
 2022-02-02 11:18:14 +01:00
gthess
358e3a5963
Merge pull request #616 from NLnetLabs/bugfix/ratelimit 
Update ratelimit logic
 2022-02-02 11:16:04 +01:00
George Thessalonikefs
506d24c7a6 Changelog entry for #532 
- Merge PR #532 from Shchelk: Fix: buffer overflow bug.
 2022-02-02 10:48:56 +01:00
George Thessalonikefs
a5e9221933 Changelog note for #603: 
- Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
  internals.
 2022-02-01 18:00:46 +01:00
George Thessalonikefs
814a234876 - Update stub/forward-host notation to accept port and tls-auth-name. 
Fixes #546.
 2022-02-01 14:44:29 +01:00
George Thessalonikefs
10d9804149 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-01-31 11:28:30 +01:00
George Thessalonikefs
a60bbd12ed -Fix review comment for use-after-free when failing to send UDP out. 2022-01-31 11:27:35 +01:00
W.C.A. Wijngaards
84df46289d - iana portlist update. 2022-01-31 10:53:22 +01:00
George Thessalonikefs
52283194eb - Update unbound.conf manpage and example.conf file for ratelimit 
options.
 2022-01-30 01:04:15 +01:00
George Thessalonikefs
3086335724 - Introduce ratelimit-backoff and ip-ratelimit-backoff options for more 
aggressive rate limiting.
 2022-01-30 00:36:29 +01:00
George Thessalonikefs
f857af873e - Update ratelimit code for recent serviced_query changes and more 
accurate ratelimit calculation.
 2022-01-29 23:49:38 +01:00
George Thessalonikefs
888eb224a6 - Better cleanup on failed DoT/DoH listening socket creation. 2022-01-29 15:14:56 +01:00
George Thessalonikefs
c49e87e1b7 - Fix tls-* and ssl-* documented alternate syntax to also be available 
through remote-control and unbound-checkconf.
 2022-01-29 15:11:47 +01:00
W.C.A. Wijngaards
d10562c823 Merge branch 'master' of github.com:NLnetLabs/unbound 2022-01-26 16:41:04 +01:00
W.C.A. Wijngaards
54ea2948da - Test for NSID in SERVFAIL response due to DNSSEC bogus. 2022-01-26 16:40:04 +01:00
George Thessalonikefs
ea47c08e70 - Fix #599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC 
document.
 2022-01-26 14:35:22 +01:00
George Thessalonikefs
79e755e1dd Changelog note for #612: 
- Merge PR #612: TCP race condition.
 2022-01-25 17:29:52 +01:00
George Thessalonikefs
5c85615515 - Fix #588: Unbound 1.13.2 crashes due to p->pc is NULL in 
serviced_udp_callback.
 2022-01-25 17:15:37 +01:00
W.C.A. Wijngaards
70f13e54bf Changelog note for #610 
- Fix #610: Undefine-shift in sldns_str2wire_hip_buf.
 2022-01-25 09:02:55 +01:00
George Thessalonikefs
8e76eb95a0 - For dnstap, do not wakeupnow right there. Instead zero the timer to 
force the wakeup callback asap.
 2022-01-19 15:32:02 +01:00
W.C.A. Wijngaards
c7ae3ef156 - For #602: Allow the module-config "subnetcache validator cachedb 
iterator".
 2022-01-14 16:30:25 +01:00
W.C.A. Wijngaards
2996040c6c - Add rpz: for-downstream: yesno option, where the RPZ zone is 
authoritatively answered for, so the RPZ zone contents can be
  checked with DNS queries directed at the RPZ zone.
 2022-01-14 16:23:43 +01:00
George Thessalonikefs
3c8a79eed8 Changelog note for #605: 
- Merge PR #605: Fix EDNS to upstream where the same option could be
  attached more than once.
 2022-01-14 15:38:15 +01:00
George Thessalonikefs
a97604737b - Fix prematurely terminated TCP queries when a reply has the same ID. 2022-01-11 10:00:45 +01:00
W.C.A. Wijngaards
d52d94c6db Changelog note for #600 
- Merge #600 from pemensik: Change file mode before changing file
  owner.
 2022-01-07 13:23:18 +01:00
W.C.A. Wijngaards
33ef79d433 - Fix for #596: Fix rpz-signal-nxdomain-ra to work for clientip 
triggered operation.
 2022-01-05 16:48:35 +01:00
W.C.A. Wijngaards
eccfe3e1f5 - Fix #598: Fix unbound-checkconf fatal error: module conf 
'respip dns64 validator iterator' is not known to work.
 2022-01-05 16:14:47 +01:00