Commit graph

1303 commits

Author SHA1 Message Date
W.C.A. Wijngaards
ea4f1ee8a6 - zonemd-check: yesno option, default no, enables the processing
of ZONEMD records for that zone.
2021-05-27 14:20:53 +02:00
W.C.A. Wijngaards
76532f7447 - rpz-triggers, silence qname trigger explanation in rpz-log, this is
backwards compatible.
2021-05-21 14:56:38 +02:00
W.C.A. Wijngaards
e5cb48c432 Merge branch 'master' into rpz-triggers 2021-05-21 14:09:30 +02:00
W.C.A. Wijngaards
0a6b22dc55 - rpz-triggers, rpz log and stats for nsip and clientip and nsdname. 2021-05-21 14:05:19 +02:00
George Thessalonikefs
ff6b527184 - Fix for #411, #439, #469: Reset the DNS message ID when moving queries
between TCP streams.
- Refactor for uniform way to produce random DNS message IDs.
2021-05-19 15:07:32 +02:00
W.C.A. Wijngaards
ddec5aa559 - rpz-triggers, spelling fix in comment. 2021-05-19 11:40:31 +02:00
W.C.A. Wijngaards
44f5d27683 - rpz-triggers, check for alloc failure and zone for add rpz soa. 2021-05-14 17:27:15 +02:00
W.C.A. Wijngaards
568aab1b67 - rpz-triggers, in callback from iterator, if rpz is disabled, skip. 2021-05-14 16:41:54 +02:00
W.C.A. Wijngaards
355526da7d - rpz-triggers, the added soa for client ip modified answers is affected
by the minimal-responses config option.
2021-05-14 16:34:38 +02:00
W.C.A. Wijngaards
2094763beb - rpz-triggers, add rpz SOA when minimal responses is not set. 2021-05-14 16:28:55 +02:00
W.C.A. Wijngaards
50dcadd495 - rpz-triggers, for clientip modified answers the rpz SOA is added to the
additional section with the serial number and name of the rpz zone that
  was applied.
2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
ad08971b7a - rpz-triggers, use zone for local data zone based answer if available. 2021-05-14 14:04:42 +02:00
W.C.A. Wijngaards
e7f476d5c3 - rpz-triggers, fix comments, log no zone answers. 2021-05-14 13:57:04 +02:00
W.C.A. Wijngaards
193e37d6e8 - rpz-triggers, call module local callback for rpz local encode replies. 2021-05-14 13:42:54 +02:00
W.C.A. Wijngaards
a9df16cf9b - rpz-triggers, fix memory allocation trouble on allocation error path. 2021-05-14 13:35:24 +02:00
W.C.A. Wijngaards
9f40e93fe6 - rpz-triggers, use sec_status_insecure like respip, AA flag on RPZ responses. 2021-05-14 13:28:10 +02:00
W.C.A. Wijngaards
32d82fac9b Merge branch 'master' into rpz-triggers 2021-05-14 08:47:56 +02:00
W.C.A. Wijngaards
07fda669e4 - Fix #485: Unbound occasionally reports broken stats. 2021-05-07 11:13:44 +02:00
W.C.A. Wijngaards
90d0f8bc19 - Fix to squelch tcp socket bind failures when the interface is gone. 2021-05-04 16:21:42 +02:00
George Thessalonikefs
71f311dbe1 - Fix for #367: only attempt to get the interface for queries
that are no longer on the tcp_waiting_list.
2021-05-04 14:45:01 +02:00
André Cruz
e07f973938
Allow configuration of TCP timeout while waiting for response
This allows us to configure how long Unbound will wait for a response
on a TCP connection.
2021-04-28 16:20:46 +01:00
George Thessalonikefs
45328d37b1 - Fix compiler warning for signed/unsigned comparison for
max_reuse_tcp_queries.
2021-04-28 16:15:52 +02:00
André Cruz
75875d4d1c
Allow configuration of persistent TCP connections
Added 2 new options to configure previously hardcoded
values: max-reuse-tcp-queries and tcp-reuse-timeout. These
allow fine-grained control over how unbound uses persistent
TCP connections to authority servers.
2021-04-21 13:50:45 +01:00
W.C.A. Wijngaards
69349c7c24 - rpz-triggers, nicer logging for response IP triggers. 2021-04-14 16:35:39 +02:00
W.C.A. Wijngaards
a23efc70ee - rpz-triggers, nicer logging for qname and clientip triggers. 2021-04-14 13:54:27 +02:00
W.C.A. Wijngaards
ab94ca9684 - rpz-triggers, nicer logging for nsdname and nsip triggers, one line and
only when it applies to the delegation point.
2021-04-14 12:11:11 +02:00
W.C.A. Wijngaards
b366441157 Merge branch 'master' into rpz-triggers 2021-04-14 09:39:41 +02:00
W.C.A. Wijngaards
55ba863440 - Fix that nxdomain synthesis does not happen above the stub or
forward definition.
2021-04-13 13:52:57 +02:00
W.C.A. Wijngaards
0491176315 - rpz-triggers, spelling 2021-04-09 08:38:18 +02:00
W.C.A. Wijngaards
473f0cc44b - rpz-triggers, precedence fix for nsdname and nsip triggers. 2021-04-08 14:39:48 +02:00
W.C.A. Wijngaards
f2d7620308 Merge branch 'master' into rpz-triggers 2021-04-08 14:28:26 +02:00
W.C.A. Wijngaards
7396eff7af - Fix for #411: Depth protect for crash on deleted element timeout. 2021-04-08 13:47:06 +02:00
W.C.A. Wijngaards
f64358b351 Merge branch 'master' into rpz-triggers 2021-04-01 14:34:25 +02:00
W.C.A. Wijngaards
fe324823f8 - Fix to stop IPv6 PMTU discovery. 2021-04-01 13:45:34 +02:00
W.C.A. Wijngaards
a2ea701f31 - rpz-triggers, fix what domain name to match for nsdname. 2021-04-01 13:11:51 +02:00
W.C.A. Wijngaards
1c75e62804 - rpz-triggers, separate cache storage of RPZ records from network records. 2021-04-01 12:06:14 +02:00
W.C.A. Wijngaards
49d9e91492 Merge branch 'master' into rpz-triggers 2021-03-25 17:28:53 +01:00
George Thessalonikefs
50d773436d - Fix for #367: fix memory leak when cannot bind to listening port. 2021-03-22 16:46:17 +01:00
W.C.A. Wijngaards
6289806f41 - Fix memory leak reported by asan in rpz SOA record query name. 2021-03-22 15:29:34 +01:00
W.C.A. Wijngaards
574c1fa50a - Fix compile error in listen_dnsport on Android. 2021-03-22 15:02:19 +01:00
W.C.A. Wijngaards
a8e0de95b8 - rpz-triggers, remove unused variable warning. 2021-03-22 09:52:00 +01:00
W.C.A. Wijngaards
3dd804755b - rpz-triggers, function documentation comments for iterator callback
functions.
2021-03-22 09:49:22 +01:00
W.C.A. Wijngaards
5a23c84951 - rpz triggers, fix query name on trigger after cname. 2021-03-19 17:36:09 +01:00
W.C.A. Wijngaards
7f39003c04 - rpz triggers, implement qname trigger after cname. 2021-03-19 17:31:44 +01:00
W.C.A. Wijngaards
1a528238e2 - rpz triggers, use tld name for tld pointer in suffix removal. 2021-03-12 16:07:37 +01:00
W.C.A. Wijngaards
e7afe0b153 - rpz triggers, rpz_insert_rr nicer. 2021-03-12 14:35:34 +01:00
W.C.A. Wijngaards
2d4523d946 - rpz triggers, fix that nsdname suffix removal returns allocated memory
of the correct length and the correct dnamelen.
2021-03-12 14:32:10 +01:00
W.C.A. Wijngaards
5ea042c863 - rpz triggers, document statistics and fix comment about statistics. 2021-03-12 13:24:17 +01:00
W.C.A. Wijngaards
62674aaff8 - rpz triggers, fix to put braces around operator. 2021-03-12 13:13:17 +01:00
W.C.A. Wijngaards
4f892a37bd - rpz triggers, spelling fix. 2021-03-12 10:21:29 +01:00
W.C.A. Wijngaards
c7bb118a88 - rpz trigger, fix tcp only action after merge 2021-03-12 09:18:38 +01:00
W.C.A. Wijngaards
7a5d82dd48 - rpz trigger, fix merge for unsupported ipaddr based trigger action. 2021-03-12 09:10:11 +01:00
W.C.A. Wijngaards
6f507eb036 Merge branch 'master' into rpz-triggers 2021-03-12 09:04:54 +01:00
W.C.A. Wijngaards
269c168f7e - Debug output for #411 and #439: printout internal error and details. 2021-03-05 13:54:26 +01:00
W.C.A. Wijngaards
1bdae426ee - Workaround for #439: prevent loops in the reuse rbtree. 2021-03-05 13:46:36 +01:00
W.C.A. Wijngaards
6e4ecf7bc1 - Fix spurious errors about "Could not generate request: out of
memory".  The mesh detect cycle routine no longer wrongly stops
  the check when the calling mesh state is unique.
2021-03-04 14:13:44 +01:00
W.C.A. Wijngaards
6cd77933a3 - Fix: Resolve interface names on control-interface too. 2021-02-26 13:54:10 +01:00
George Thessalonikefs
826828673a - Fix for #367: rc_ports don't have ub_sock; skip cleaning up. 2021-02-26 13:13:55 +01:00
W.C.A. Wijngaards
a06d761f74 - Fix to allow rpz with wildcard that applies to all TLDs at once. 2021-02-25 16:54:32 +01:00
Wouter Wijngaards
209dc32624
Merge pull request #367 from NLnetLabs/dnstap-log-local-addr
DNSTAP log local address
2021-02-25 11:58:36 +01:00
W.C.A. Wijngaards
04b4f515a7 Fix comment item. 2021-02-25 08:50:02 +01:00
W.C.A. Wijngaards
6cda81b7e4 Fix to use a simple pointer in the call of make_sock and make_sock_port. 2021-02-24 17:36:22 +01:00
W.C.A. Wijngaards
a9e15f36d8 - Fix unit test for added ulimit checks. 2021-02-24 15:30:12 +01:00
W.C.A. Wijngaards
e6ffacc16a - Fix function documentation. 2021-02-24 15:25:12 +01:00
W.C.A. Wijngaards
d3497f6bd1 - On startup of unbound it checks if rlimits on memory size look
sufficient for the configured cache size, and logs warning if not.
2021-02-24 14:14:33 +01:00
George Thessalonikefs
d69132b921 - Fix #384: (1) A minor request to improve the log (2) A minor bug in
one log message.
2021-02-24 12:00:11 +01:00
W.C.A. Wijngaards
39a557833d - Fix for zonemd, do not reject insecure result from trust anchor
validation step in dnssec chain of trust.
2021-02-23 17:09:40 +01:00
W.C.A. Wijngaards
c802298fca - Fix for zonemd, that domain-insecure zones work without dnssec. 2021-02-23 17:03:23 +01:00
W.C.A. Wijngaards
131d38f8f2 - Fix for zonemd, that nxdomain for the chain of trust is allowed
for island zones, it is treated as an insecure zone for verification.
2021-02-22 17:32:40 +01:00
W.C.A. Wijngaards
40fbc3fa8a - Fix #431: Squelch permission denied errors for tcp connect 2021-02-22 08:24:04 +01:00
W.C.A. Wijngaards
aa53b933cc - rpz skip nsec3param records, and nicer log for unsupported actions. 2021-02-19 15:00:39 +01:00
W.C.A. Wijngaards
f5339ec7e5 Merge branch 'master' into dnstap-log-local-addr 2021-02-18 13:12:09 +01:00
W.C.A. Wijngaards
48e0d3356a zonemd, review comments, spelling fix. 2021-02-12 10:48:38 +01:00
W.C.A. Wijngaards
b7ffa6618c zonemd, review comments, fix no anchor lookup if none. 2021-02-12 09:16:22 +01:00
W.C.A. Wijngaards
8490508559 zonemd, review comments, stop null dnskey, skip dnssec for insecure islands. 2021-02-12 08:33:03 +01:00
W.C.A. Wijngaards
6965cef5e8 zonemd, review comments, check qname for zonemd dnskey lookup. 2021-02-11 17:33:10 +01:00
W.C.A. Wijngaards
e0f17c2443 zonemd, review comments, stop callback for a deleted zone. 2021-02-11 17:27:59 +01:00
W.C.A. Wijngaards
d3b6e1679c zonemd, review comments, indentation. 2021-02-11 16:05:28 +01:00
W.C.A. Wijngaards
9a972aa5b2 zonemd, review comments, compare list size for rrsigtype add. 2021-02-10 16:38:39 +01:00
W.C.A. Wijngaards
12171e3124 zonemd, review comments, compare list size correctly. 2021-02-10 16:34:24 +01:00
W.C.A. Wijngaards
3d2692d6bc zonemd, review comments, add comments to unit test, scope verbose output. 2021-02-10 15:30:23 +01:00
W.C.A. Wijngaards
b7a633fdc0 Merge branch 'master' into zonemd 2021-02-04 16:08:11 +01:00
George Thessalonikefs
bb09b649f7 Merge branch 'master' of github.com:NLnetLabs/unbound 2021-02-01 16:59:19 +01:00
George Thessalonikefs
a8485d58ca - Attempt to fix NULL keys in the reuse_tcp tree; relates to #411. 2021-02-01 16:57:56 +01:00
W.C.A. Wijngaards
9e6f8567de - Fix to use correct type for label count in rpz routine. 2021-01-28 09:07:16 +01:00
W.C.A. Wijngaards
9d700e1f85 - Annotate that we ignore the return value of if_indextoname. 2021-01-28 09:04:00 +01:00
George Thessalonikefs
3124eb052d - Ignore cache blacklisting when trying to reply with expired data from
cache. (#394)
2021-01-26 15:32:50 +01:00
George Thessalonikefs
f5b7169729 Merge branch 'orig_ttl' of https://github.com/rijswijk/unbound into rijswijk-orig_ttl 2021-01-25 17:39:24 +01:00
Willem Toorop
ca2139bf3d Some review nits from George 2021-01-25 15:13:54 +01:00
Roland van Rijswijk-Deij
c4c849d878 Rebase on master 2021-01-22 16:44:56 +00:00
Willem Toorop
b7864b0c48 Merge branch 'master' into features/padding 2021-01-22 15:13:01 +01:00
W.C.A. Wijngaards
20ff80c5bb zonemd, fix to detect duplicate zonemd scheme and algo RRs. 2021-01-22 14:36:53 +01:00
W.C.A. Wijngaards
3a6f1ecafa Fixup if brackets. 2021-01-22 13:11:41 +01:00
Willem Toorop
48ecf95108 Merge branch 'master' into features/padding 2021-01-22 10:29:50 +01:00
George Thessalonikefs
38e12229b8 - Feedback for PR #407. 2021-01-19 20:09:34 +01:00
George Thessalonikefs
9056613a79 - Fix TTL of SOA record for negative answers (localzone data and
authzone) to be the minimum of the SOA TTL and the SOA.MINIMUM.
2021-01-19 15:55:55 +01:00
W.C.A. Wijngaards
5c760a13a4 - rpz trigger, unlock and remove node when rpz is disabled with action override. 2021-01-14 15:31:33 +01:00
W.C.A. Wijngaards
15b46257e1 - fix that testdata/rpz_clientip.rpl trigger tests succeed. 2021-01-14 13:49:42 +01:00
W.C.A. Wijngaards
cdb60adcdc Merge branch 'rpz' of https://github.com/magenbluten/unbound into magenbluten-rpz
Conflict fixed for rpz.disabled check added.
2021-01-14 12:11:29 +01:00
W.C.A. Wijngaards
3322f631e5 - Fix #397: [Feature request] add new type always_null to local-zone
similar to always_nxdomain.
2021-01-12 13:35:05 +01:00
W.C.A. Wijngaards
64f508fa00 - Fix clang analysis warning. 2021-01-08 11:10:05 +01:00
W.C.A. Wijngaards
d9dd7bc36f - Add comment documentation. 2021-01-08 11:01:06 +01:00
W.C.A. Wijngaards
ee2545d939 - For #391: fix indentation. 2021-01-08 09:53:52 +01:00
W.C.A. Wijngaards
3e03e2c26d - For #391: use struct timeval* start_time for callback information. 2021-01-08 09:47:46 +01:00
Wouter Wijngaards
48724de155
Merge pull request #391 from fhriley/reply_cb_start_time
Add start_time to reply callbacks so modules can compute the response…
2021-01-08 09:35:07 +01:00
Wouter Wijngaards
2c1ecb2231
Merge pull request #375 from fhriley/disable-rpz
Add rpz_enable and rpz_disable commands to unbound-control
2021-01-05 13:40:32 +01:00
Frank Riley
e3abd772f7 Add start_time to reply callbacks so modules can compute the response time. 2021-01-01 15:44:21 -07:00
George Thessalonikefs
08968baec1 - Fix error cases when udp-connect is set and send() returns an error
(modified patch from Xin Li @delphij).
2020-12-16 17:11:41 +01:00
Frank Riley
42d764eeda Add rpz_enable and rpz_disable commands to unbound-control. 2020-12-13 12:35:11 -07:00
W.C.A. Wijngaards
811cf6db0c - Fix missing prototypes in the code. 2020-12-11 14:34:39 +01:00
W.C.A. Wijngaards
1f7d1a00ff Fix for #368: dnstap does not log the DNS message ID for FORWARDER_QUERY 2020-12-10 08:19:07 +01:00
W.C.A. Wijngaards
51e431ada1 doxygen comments fixup 2020-12-09 14:17:02 +01:00
W.C.A. Wijngaards
e25f80799a Fix use after free. 2020-12-09 14:13:46 +01:00
W.C.A. Wijngaards
9ea58b5bc0 Fix for tcp outgoing to have local address logged 2020-12-09 14:02:00 +01:00
W.C.A. Wijngaards
af96ff157e Fix leak of socket mem on failure and fix if tcp has to wait we
do not know the interface at the time.  Later when it knows the
interface we do not have 'sq' with the zone name.
2020-12-09 13:52:49 +01:00
W.C.A. Wijngaards
2baa748bc7 Use port_if pointer instead of wrong UDP local addr 2020-12-09 12:13:50 +01:00
W.C.A. Wijngaards
6ce577c4d9 Use stored TCP address for callback. 2020-12-09 12:07:16 +01:00
W.C.A. Wijngaards
9272725cdd Use calloc and freeaddrinfo 2020-12-09 11:43:16 +01:00
W.C.A. Wijngaards
275f18cc8e Remove useless tcp_read_fd member from struct 2020-12-09 11:37:04 +01:00
W.C.A. Wijngaards
91bec32cdc For TCP store picked outgoing interface and pass it. 2020-12-09 11:34:39 +01:00
W.C.A. Wijngaards
159bf52384 Fix that it passes the actual UDP address instead of first
and pass NULL to make tcp log compile.
2020-12-09 11:27:33 +01:00
W.C.A. Wijngaards
31cedb47cb Remove unused whitespace, add missing header change, make it compile 2020-12-09 11:13:58 +01:00
W.C.A. Wijngaards
bdfa65c6ab Import the patches from the files in the tarball in
issue #365 https://github.com/NLnetLabs/unbound/files/5659923/patches.tar.gz
from iruzanov.  The merge conflicts are fixed, but no changes are made
to the patched code.
2020-12-09 11:00:51 +01:00
W.C.A. Wijngaards
16c496bff6 - Fix #356: deadlock when listening tcp. 2020-12-02 10:10:27 +01:00
W.C.A. Wijngaards
5906811ff1 - Fix #358: Squelch udp connect 'no route to host' errors on low
verbosity.
2020-12-01 09:09:13 +01:00
W.C.A. Wijngaards
e4bdc527ba - Fix assertion failure on double callback when iterator loses
interest in query at head of line that then has the tcp stream
  not kept for reuse.
2020-11-30 09:41:33 +01:00
mb
78bcfdee64 rpz: fix local data lookup for nsdname 2020-11-27 12:22:56 +01:00
mb
842c9bfc41 rpz: cleanups 2020-11-27 10:52:01 +01:00
mb
8fce4ff27a rpz: continue nsdname and minor cleanups 2020-11-27 10:46:54 +01:00
mb
eba7e1a7c7 rpz: nsdname actions 2020-11-27 10:09:54 +01:00
W.C.A. Wijngaards
67d541d690 - Fix compile warnings for windows. 2020-11-27 10:01:55 +01:00
W.C.A. Wijngaards
8ffdbc2714 - Fix when use free buffer to initialize rbtree for stream reuse. 2020-11-27 09:57:08 +01:00
W.C.A. Wijngaards
11139c1b4e - Fix compile warning for type cast in http2_submit_dns_response. 2020-11-27 09:08:48 +01:00
mb
714d546d1d rpz: add testbound nsdname script (stub) 2020-11-26 12:26:23 +01:00
W.C.A. Wijngaards
3fb0493d3f - Clear readagain upon decommission of pending tcp structure. 2020-11-26 12:23:18 +01:00
mb
caaa38f7c5 rpz: strip .rpz-nsdname suffix when inserting trigger 2020-11-26 12:16:33 +01:00
mb
f78aa90ff1 rpz: nsdname stubs 2020-11-26 11:33:49 +01:00
W.C.A. Wijngaards
e50152aa1f - Fix readagain and writeagain callback functions for comm point
cleanup.
2020-11-25 13:46:28 +01:00
W.C.A. Wijngaards
d05c259458 - Attempt fix for libevent state in tcp reuse cases after a packet
is written.
2020-11-25 12:12:35 +01:00
mb
d6a69d77e2 rpz: minor cleanups 2020-11-25 11:45:33 +01:00
W.C.A. Wijngaards
4b644b7965 - Better fix for reuse tree comparison for is-tls sockets. Where
the tree key identity is preserved after cleanup of the TLS state.
2020-11-25 10:22:11 +01:00
W.C.A. Wijngaards
15e8f5c6d4 - Fix udp-connect on FreeBSD, do send calls on connected UDP socket. 2020-11-25 09:55:01 +01:00
W.C.A. Wijngaards
978d3840dc - Fix crash when TLS connection is closed prematurely, when
reuse tree comparison is not properly identical to insertion.
2020-11-24 16:58:51 +01:00
mb
7acf1a5088 rpz: fix forged response 2020-11-24 16:29:15 +01:00
mb
afc73e28d8 rpz: fix forged messages 2020-11-24 12:02:59 +01:00
mb
b178cf34b6 rpz: update ext_state in the iterator 2020-11-24 11:33:16 +01:00
mb
126e114d6f rpz: forge responses 2020-11-24 11:25:01 +01:00
mb
354c19f6ac rpz: apply trigger at query time not response time 2020-11-24 09:33:08 +01:00
Wouter Wijngaards
ead06af086 Merge branch 'master' into stream-reuse 2020-11-24 08:20:07 +01:00
George Thessalonikefs
b0247b6e93 Merge branch 'master' into edns-string 2020-11-23 16:58:30 +01:00