upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6058 commits 23 branches 209 tags 123 MiB
Commit graph

3886 commits

Author SHA1 Message Date
W.C.A. Wijngaards
50091d49ea - contrib/aaaa-filter-iterator.patch file renewed diff content to 
apply cleanly to the current coderepo for the current code version.
 2020-08-05 16:33:48 +02:00
Ralph Dolmans
ce0b39007d - Changelog entry for EDNS client tag functionality 2020-08-05 16:10:10 +02:00
George Thessalonikefs
ded7fdafb3 - Merge PR #280, Make tvOS & watchOS checks verify 
truthiness as well as definedness, by Felipe Gasper (fixes #279).
 2020-08-04 16:38:40 +02:00
George Thessalonikefs
764a0dc765 - Improve error log message when inserting rpz RR. 2020-08-04 12:49:43 +02:00
W.C.A. Wijngaards
fc55345dcb - Fix mini_event.h on OpenBSD cannot find fd_set. 2020-08-04 08:14:25 +02:00
W.C.A. Wijngaards
e855d5779a - Fix doxygen comment for no ssl for tls session ticket key callback 
routine.
 2020-07-31 09:10:40 +02:00
George Thessalonikefs
69f0adf83b - Merge PR #268, draft-ietf-dnsop-serve-stale-10 has become RFC 8767 on 
March 2020, by and0x000.
 2020-07-27 13:11:46 +02:00
W.C.A. Wijngaards
e4b702ef4f Changelog note for PR #270 
- Merge PR #270 from cgzones: munin plugin: always exit 0 in autoconf
 2020-07-27 13:02:47 +02:00
Ralph Dolmans
4bd97633a1 - Merge PR #269, Fix python module len() implementations, by Torbjörn Lönnemark 2020-07-27 12:14:08 +02:00
W.C.A. Wijngaards
d201a11a67 - branch now named 1.11.1. 1.11.0rc1 became the 1.11.0 release. 2020-07-27 12:10:28 +02:00
W.C.A. Wijngaards
753487ff7f - branch now named 1.11.0 and 1.11.0rc1 tag. 2020-07-20 13:02:09 +02:00
W.C.A. Wijngaards
c8ff4f55e7 - Fix contrib/fastrpz.patch to apply cleanly. It fixes for changes 
due to added libdynmod, but it does not compile, it conflicts with
  new rpz code.
 2020-07-20 11:05:28 +02:00
W.C.A. Wijngaards
477bb1a6ff - Fix contrib/fastrpz.patch to apply cleanly. 2020-07-20 10:53:30 +02:00
W.C.A. Wijngaards
53ecdfc0b5 - Fix streamtcp to print packet data to stdout. This makes the 
stdout and stderr not mix together lines, when parsing its output.
 2020-07-20 10:34:40 +02:00
W.C.A. Wijngaards
b7b5952c3a - Fix lock dependency cycle in rpz zone config setup. 2020-07-17 17:15:55 +02:00
W.C.A. Wijngaards
7d4445c03d - Fix libnettle compile for session ticket key callback function 
changes.
 2020-07-17 16:53:52 +02:00
Ralph Dolmans
14a0433470 - Merge PR #234 - Ensure proper alignment of cmsg buffers by Jérémie 
Courrèges-Anglas.
- Fix PR #234 log_assert sizeof to use union buffer.
 2020-07-17 13:07:03 +02:00
W.C.A. Wijngaards
2902ee133b - Fix unused variable warning for clang analyzer. 2020-07-16 15:41:25 +02:00
W.C.A. Wijngaards
84adade86c - Fix check conf test for referencing installation paths. 2020-07-16 14:47:15 +02:00
George Thessalonikefs
8876751ed1 - Changelog entry for PR #265; include-toplevel. 2020-07-16 13:01:28 +02:00
Ralph Dolmans
d75f58d659 - Add changelog entry for bidirectional frame streams support. 2020-07-16 11:45:10 +02:00
W.C.A. Wijngaards
e99b5046eb - Fix to use SSL_CTX_set_tlsext_ticket_key_evp_cb in OpenSSL 
3.0.0-alpha4.
- Longer keys for the test set, this avoids weak crypto errors.
 2020-07-08 16:22:39 +02:00
W.C.A. Wijngaards
ff50993f36 - Fix add missing DSA header, for compilation without deprecated 
OpenSSL APIs.
 2020-07-08 11:43:50 +02:00
W.C.A. Wijngaards
d84529cc0e - Review fixes for checkconf #259 change. 2020-07-07 10:18:56 +02:00
W.C.A. Wijngaards
4d009e19fc - Fix #259: Fix unbound-checkconf does not check view existence. 
unbound-checkconf checks access-control-view, access-control-tags,
  access-control-tag-actions and access-control-tag-datas.
- Fix offset of error printout for access-control-tag-datas.
 2020-07-07 09:00:04 +02:00
W.C.A. Wijngaards
233c14a476 - run_vm cleanup better and removes trailing slash on single argument. 2020-07-06 11:33:07 +02:00
W.C.A. Wijngaards
06d33f61c1 - Fix tcp req info drop due to size call into mesh accounting 
removal of mesh state during mesh send reply.
 2020-06-30 17:22:43 +02:00
W.C.A. Wijngaards
52774b6b20 - Review fix for number of detached states due to use of variable 
after end of loop.
 2020-06-30 16:35:48 +02:00
W.C.A. Wijngaards
84b0207956 - Fix for mesh accounting when rpz decides to drop a reply with a 
tcp stream waiting for it.
 2020-06-30 16:20:09 +02:00
W.C.A. Wijngaards
6f0c2956ac - Also move reply list clean for mesh callbacks to the scrip callback 
can see the reply_info.
- Fix for mesh accounting if the reply list already empty to begin
  with.
 2020-06-30 15:48:11 +02:00
W.C.A. Wijngaards
8ac054733b - Move reply list clean for serve expired mesh callback to after 
the reply is sent, so that script callbacks have reply_info.
 2020-06-30 13:41:26 +02:00
W.C.A. Wijngaards
2a90e8fa1e - doxygen file comments for dynlibmodule. 2020-06-24 13:37:43 +02:00
W.C.A. Wijngaards
be1182c3db - iana portlist updated. 2020-06-24 13:33:47 +02:00
W.C.A. Wijngaards
5203954068 - Fix display of event loop method with libev. 2020-06-17 14:32:57 +02:00
W.C.A. Wijngaards
6e0756e819 - Fix default explanation in man page for qname-minimisation-strict. 2020-06-17 08:20:52 +02:00
W.C.A. Wijngaards
c053513cbd - Mention tls name possible when tls is enabled for stub-addr in the 
man page.
 2020-06-08 08:35:10 +02:00
George Thessalonikefs
062f7b7ba2 - Changelog entry for PR #241. 2020-05-27 18:25:29 +02:00
George Thessalonikefs
21cd836e82 - Update contrib/aaaa-filter-iterator.patch for the recent 
generate_sub_request() change and to apply cleanly.
 2020-05-25 11:49:48 +02:00
George Thessalonikefs
8af3d73b9b - Fix for integer overflow when printing RDF_TYPE_TIME. 2020-05-21 22:48:57 +02:00
W.C.A. Wijngaards
f37242566b - For PR #93: unit test for dynlib module. 2020-05-19 15:49:08 +02:00
W.C.A. Wijngaards
711c0548f0 - For PR #93: windows compile warnings removal 
- windows compile warnings removal for ip dscp option code.
 2020-05-19 14:36:57 +02:00
W.C.A. Wijngaards
a1d4e151ee - Release 1.10.1 is 1.10.0 with fixes, code repository continues, 
including those fixes, towards the next release.  Configure has
  version 1.10.2 version number in it.
 2020-05-19 10:29:37 +02:00
W.C.A. Wijngaards
ba0f382eee - CVE-2020-12662 Unbound can be tricked into amplifying an incoming 
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
  used to make Unbound unresponsive.
 2020-05-19 10:27:27 +02:00
W.C.A. Wijngaards
4ccac696ca - For PR #93: fix link of other executables for dynlibmod dependency. 2020-05-18 17:26:01 +02:00
W.C.A. Wijngaards
a238f35d7d - For PR #93: man page spelling reference fix. 2020-05-18 10:22:00 +02:00
W.C.A. Wijngaards
a77ebed550 - For PR #93: checkconf allows python dynlib in module-config, for 
a couple cases.
 2020-05-18 10:18:28 +02:00
W.C.A. Wijngaards
84e95d6c68 - For PR #93: checkconf allow multiple dynlib in module-config, for 
a couple cases.
 2020-05-18 10:16:40 +02:00
W.C.A. Wijngaards
01db6c365c - For PR #93: dynlibmod can handle reloads and deinit and inits again, 
with dlclose and dlopen of the library again.  Also for multiple
  modules.  Fix memory leak by not closing dlopened content.  Fix
  to allow one dynlibmod instance by unbound-checkconf.
 2020-05-18 10:11:16 +02:00
W.C.A. Wijngaards
510e79a053 - For PR #93: Fix warnings for dynlibmodule. 2020-05-15 16:42:45 +02:00
W.C.A. Wijngaards
2c8ebe6206 - Fixed conflicts for PR #93 and make configure, yacc, lex. 2020-05-15 14:55:36 +02:00
Ralph Dolmans
99fd6cf711 - Cache ECS answers with longest scope of CNAME chain. 2020-05-15 13:13:49 +02:00
George Thessalonikefs
a269db3828 - Explicitly use 'rrset-roundrobin: no' for test cases. 2020-04-22 19:27:20 +02:00
George Thessalonikefs
584c2cf804 - Fix tests for new rrset-roundrobin default. 2020-04-21 22:02:56 +02:00
W.C.A. Wijngaards
6320776b25 Changelog note for PR #225 
- Merge #225 from akhait: KSK-2010 has been revoked. It removes the
  KSK-2010 from the default list in unbound-anchor, now that the
  revocation period is over.  KSK-2017 is the only trust anchor in
  the shipped default now.
 2020-04-21 15:11:02 +02:00
George Thessalonikefs
226d66ca92 - Change default value for 'rrset-roundrobin' to yes. 2020-04-21 12:58:48 +02:00
W.C.A. Wijngaards
cee3098e87 - Remove unneeded was_mesh_reply check. 2020-04-20 15:35:45 +02:00
W.C.A. Wijngaards
00323b71d7 - Fix for count of reply states in the mesh. 2020-04-20 14:24:05 +02:00
W.C.A. Wijngaards
5151190dbc Fix that it is --enable-rpath, for #222. 2020-04-20 10:08:08 +02:00
W.C.A. Wijngaards
52ebdd85da - Fix #222: --with-rpath, fails to rpath python lib. 2020-04-20 10:04:34 +02:00
George Thessalonikefs
a4dcd5eb91 - Update Changelog for PR #221. 2020-04-17 11:41:47 +02:00
George Thessalonikefs
e18ab07c62 - Add doxygen documentation for DSCP. 2020-04-16 13:58:35 +02:00
W.C.A. Wijngaards
963cfb58be - Fix for posix shell syntax for trap in run_msg.sh test script. 2020-04-16 13:17:33 +02:00
W.C.A. Wijngaards
3cd288a9f2 - Fix for posix shell syntax for trap in nsd-control-setup. 2020-04-16 13:14:50 +02:00
W.C.A. Wijngaards
2193d06af6 Merge branch 'master' of github.com:NLnetLabs/unbound 2020-04-16 11:48:53 +02:00
W.C.A. Wijngaards
eed157d36e - Fix help return code in unbound-control-setup script. 2020-04-16 11:47:27 +02:00
George Thessalonikefs
8a87fc6ae7 - Fix #220: auth-zone section in config may lead to segfault. 2020-04-15 17:57:02 +02:00
W.C.A. Wijngaards
c7f1d2d889 - Merge PR #214 from gearnode: unbound-control-setup recreate 
certificates.  With the -r option the certificates are created
  again, without it, only the files that do not exist are created.
 2020-04-07 13:49:25 +02:00
Ralph Dolmans
03a37d1ff6 - Keep track of number of timeouts. Use this counter to determine if capsforid 
fallback should be started.
 2020-04-06 18:00:06 +02:00
George Thessalonikefs
33a2613a49 - More documentation for redis-expire-records option. 2020-04-06 13:46:45 +02:00
George Thessalonikefs
a601fd6d3c Merge branch 'Talkabout-redis-expire-records' 2020-04-01 17:24:07 +02:00
W.C.A. Wijngaards
94e92b197a - Merge PR #208: Fix uncached CLIENT_RESPONSE'es on stateful 
transports.
 2020-03-30 14:55:00 +02:00
W.C.A. Wijngaards
e9e2871f18 - Merge PR #207: Clarify if-automatic listens on 0.0.0.0 and :: 2020-03-30 10:27:44 +02:00
W.C.A. Wijngaards
8dc35cfce3 Changelog note for PR #203. 
- Merge PR #203 from noloader: Update README-Travis.md with current
  procedures.
 2020-03-27 16:07:03 +01:00
Ralph Dolmans
51593d47ac Make unbound-control error returned on missing domain name more user friendly. 2020-03-27 11:27:12 +01:00
Ralph Dolmans
e4eb76a5f3 - Fix RPZ concurrency issue when using auth_zone_reload. 2020-03-26 19:11:57 +01:00
George Thessalonikefs
40ed82f522 Changelog entry for #201 
- Merge PR #201 from noloader: Fix OpenSSL cross-compaile warnings.
 2020-03-25 14:10:27 +01:00
W.C.A. Wijngaards
2889be5e90 - Travis fix for ios by omitting tools from install. 2020-03-24 10:23:00 +01:00
W.C.A. Wijngaards
bcdc13514a - Fixes on #200. and rerun autoconf. 2020-03-24 09:32:04 +01:00
W.C.A. Wijngaards
311f163aed Changelog for #200 and bison, flex regenerate. 
- Merge PR #200 from yarikk: add ip-dscp option to specify the DSCP
  tag for outgoing packets.
 2020-03-24 09:25:05 +01:00
W.C.A. Wijngaards
cca5cfc88f - Fix compile on Solaris for unbound-checkconf. 2020-03-23 17:26:06 +01:00
George Thessalonikefs
ce7fd591c6 - Changelog note for PR #198: Declare lz_enter_rr_into_zone() static, 
it's only used in this file, by fobser.
 2020-03-20 13:06:43 +01:00
W.C.A. Wijngaards
e8aab3f3f4 Changelog note for #197. 
- Merge PR #197 from fobser: Make log_ident_revert_to_default() a
  proper prototype.
 2020-03-20 11:54:57 +01:00
Ralph Dolmans
7fa2b19389 - Fix .travis.yml error, missing 'env' option. 2020-03-19 18:11:22 +01:00
Ralph Dolmans
5f7d73ae88 - Merge PR#194: Add libevent testing to Travis, by Jeffrey Walton. 2020-03-19 17:59:08 +01:00
Ralph Dolmans
d0ee8c1cbd Add changelog entries for PR#134. 2020-03-19 17:37:27 +01:00
Ralph Dolmans
2c03028fa3 - Fix #158: open tls-session-ticket-keys as binary, for Windows. By Daisuke 
HIGASHI.
 2020-03-19 14:00:33 +01:00
Ralph Dolmans
acfa55713c - Merge PR#191: Update iOS testing on Travis, by Jeffrey Walton. 2020-03-19 10:55:39 +01:00
W.C.A. Wijngaards
e4268663e6 - Fix #192: In the unbound-checkconf tool, the module config of 
dns64 subnetcache respip validator iterator is whitelisted, it was
  reported it seems to work.
 2020-03-16 09:44:38 +01:00
Wouter Wijngaards
59fe188954 - Fix compile of test tools without protobuf. 2020-03-12 10:49:24 +01:00
Ralph Dolmans
28e6c86e61 - Add check to make sure RPZ records are subdomain of configured zone origin. 2020-03-11 17:37:50 +01:00
George Thessalonikefs
67b4ab2c90 - Changelog entry for (Fix #189, Merge PR #190). 2020-03-11 11:50:38 +01:00
W.C.A. Wijngaards
50bc604586 Changelog for #188 and configure script created. Removed unneeded whitespace. 2020-03-11 08:41:56 +01:00
George Thessalonikefs
730aa097f8 - Changelog note for PR #186: Fix unrecognized 'echo -n' option on OS X, 
by noloader.
 2020-03-06 11:59:13 +01:00
W.C.A. Wijngaards
93c92eeabb Fix changelog note, it is #182, not #184. 2020-03-05 17:03:28 +01:00
W.C.A. Wijngaards
b8540e1e70 Changelog note for #184. 
- Fix PR #184 from noloader: Add iOS testing to Travis.
 2020-03-05 17:02:20 +01:00
Ralph Dolmans
cd6bb00f2c - Update README-Travis.md (from PR #179), by Jeffrey Walton. 2020-03-04 12:02:10 +01:00
George Thessalonikefs
a1b2261b7b - Merge PR #180 from noloader: Avoid calling exit in Travis script. 2020-03-04 10:25:04 +01:00
W.C.A. Wijngaards
779d65208e Changelog note for PR#180 . 
- Merge PR#180 from noloader: Avoid calling exit in Travis script.
 2020-03-04 08:18:00 +01:00
George Thessalonikefs
114d650d32 - Upgrade config.guess(2020-01-01) and config.sub(2020-01-01). 2020-03-03 18:29:11 +01:00
George Thessalonikefs
f4eaf6c0ff - Merge PR #174: Add Android to Travis testing, by noloader. 
- Move android build scripts to contrib/ and allow android tests to fail.
 2020-03-02 15:17:59 +01:00
Ralph Dolmans
26f057d668 Merge branch 'noloader-openssl' 2020-03-02 14:14:25 +01:00
Ralph Dolmans
868ce6372d - Add github reference in changelog (Fix #175, Merge PR #176) 2020-03-02 14:13:20 +01:00
Ralph Dolmans
90040b24ce - Fix link error when OpenSSL is configured with no-engine, thanks noloader. 2020-03-02 14:06:10 +01:00
W.C.A. Wijngaards
4207b58700 - Fix #177: dnstap does not build on macOS. 2020-03-02 13:33:34 +01:00
George Thessalonikefs
c5897dc058 - Fix compiler warning in dns64/dns64.c. 2020-03-02 11:52:33 +01:00
W.C.A. Wijngaards
93189d3083 Changelog note for PR #164 and text for release explanation. 
- Merge PR #164: Framestreams, this branch implements dnstap
  unidirectional connectivity in unbound. This has a number of
  new features.

  The dependency on libfstrm is removed. The fstrm protocol code
  resides in dnstap/dnstap_fstrm.h and dnstap/dnstap_fstrm.c. This
  contains a brief definition of what unbound needs.

  The make unbound-dnstap-socket builds a debug tool,
  unbound-dnstap-socket. It can listen, accept multiple DNSTAP
  streams and print information. Commandline options control it.

  Unbound can reconnect if the unix domain socket file socket is
  closed. This uses exponential backoff after which it uses a
  one second timer to throttle cpu down. There is also support
  to use TCP and TLS for connecting to the log server. There
  are new config options to turn them on, in the dnstap section
  in the man page and example config file. dnstap-ip with IP
  address of server for TCP or TLS use. dnstap-tls to turn
  on TLS. And dnstap-tls-server-name, dnstap-tls-cert-bundle,
  dnstap-tls-client-key-file and dnstap-tls-client-cert-file
  to configure the certificates for server authentication and
  client authentication, or leave at "" to not use that.
 2020-02-28 15:23:54 +01:00
Ralph Dolmans
8f1cb41725 Merge PR #172: Add IBM s390x arch for testing, by noloader. 2020-02-28 11:42:17 +01:00
W.C.A. Wijngaards
d68c1e29b6 Changelog note for PR #173. 
- Merge PR #173: updated makedist.sh for config.guess and
  config.sub and sha256 digest for gpg, by noloader.
 2020-02-28 10:15:57 +01:00
George Thessalonikefs
9efe85fb4c - Merge PR #171: Add additional compilers and platforms to Travis 
testing, by noloader.
 2020-02-27 18:13:22 +01:00
W.C.A. Wijngaards
6f4818ebcb - Fix more undefined sanitizer issues, in respip copy_rrset null 
dname, and in the client_info_compare routine for null memcmp.
 2020-02-27 15:43:27 +01:00
W.C.A. Wijngaards
57bbbfc0e6 - Fix #170: Fix gcc undefined sanitizer signed integer overflow 
warning in signature expiry RFC1982 serial number arithmetic.
 2020-02-27 15:22:35 +01:00
W.C.A. Wijngaards
348e246b66 - Fix #169: Fix warning for daemon/remote.c output may be truncated 
from snprintf.
 2020-02-27 15:08:10 +01:00
W.C.A. Wijngaards
f469049198 - iana portlist updated. 2020-02-26 14:32:14 +01:00
W.C.A. Wijngaards
318d4e91cc - Fix #165: Add prefer-ip4: yesno config option to prefer ipv4 for 
using ipv4 filters, because the hosts ip6 netblock /64 is not owned
  by one operator, and thus reputation is shared.
 2020-02-25 09:55:59 +01:00
George Thessalonikefs
f99dd8f6dc Changelog note for PR #166. 
- Merge PR #166: Fix typo in unbound.service.in, by glitsj16.
 2020-02-24 12:01:20 +01:00
W.C.A. Wijngaards
d2a843b422 - master branch has 1.10.1 version. 2020-02-20 14:42:58 +01:00
W.C.A. Wijngaards
6d7e0d68cf Note tag position in Changelog. 2020-02-20 14:41:39 +01:00
W.C.A. Wijngaards
ec0d6f196e - Updated contrib/unbound_smf23.tar.gz with Solaris SMF service for 
Unbound from Yuri Voinov.
 2020-02-20 09:17:24 +01:00
W.C.A. Wijngaards
6accd3d681 - protect X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS with ifdef for 
different openssl versions.
 2020-02-18 08:31:38 +01:00
W.C.A. Wijngaards
85fd23769f - changelog point where the tag for 1.10.0rc2 release is. 2020-02-17 15:24:29 +01:00
Ralph Dolmans
fe5370a98a - Add respip to supported module-config options in unbound-checkconf. 2020-02-17 13:36:30 +01:00
George Thessalonikefs
4b354d38c1 - Remove unused variable. 2020-02-17 12:56:20 +01:00
W.C.A. Wijngaards
a9b7638f4b Neater changelog 2020-02-17 10:10:44 +01:00
W.C.A. Wijngaards
42fdfd8121 - contrib/drop2rpz: perl script that converts the Spamhaus DROP-List 
in RPZ-Format, contributed by Andreas Schulze.
 2020-02-17 10:09:46 +01:00
W.C.A. Wijngaards
2665ae0414 - Stop unbound-checkconf from insisting that auth-zone and rpz 
zonefiles have to exist.  They can not exist, and download later.
 2020-02-14 07:57:57 +01:00
W.C.A. Wijngaards
77bdbc6e98 - Fix spelling in unbound.conf.5.in. 2020-02-14 07:54:49 +01:00
W.C.A. Wijngaards
00d622bed7 - updated version number to 1.10.0. 2020-02-12 12:51:35 +01:00
W.C.A. Wijngaards
9e193be648 - Fix compile warning when threads disabled. 2020-02-12 11:55:02 +01:00
W.C.A. Wijngaards
7dcfe531e4 - Fix to clean memory leak of respip_addr.lock when ip_tree deleted. 2020-02-12 11:49:26 +01:00
W.C.A. Wijngaards
e965775064 - Fix contrib/fastrpz.patch to apply cleanly. Fix for serve-stale 
fixes, but it does not compile, conflicts with new rpz code.
 2020-02-12 11:29:55 +01:00
W.C.A. Wijngaards
6e13c6f401 - Fix contrib/fastrpz.patch to apply cleanly. 2020-02-12 11:24:59 +01:00
W.C.A. Wijngaards
2916cfb3b0 - Fix with libnettle make test with dsa disabled. 2020-02-12 11:15:24 +01:00
George Thessalonikefs
adda4f6ace - Fix use after free on log-identity after a reload; Fixes #163. 2020-02-10 13:56:22 +01:00
George Thessalonikefs
c316b1d7d5 - Document 'ub_result.was_ratelimited' in libunbound. 2020-02-10 10:31:47 +01:00
W.C.A. Wijngaards
aee3706f66 - Fix to put braces around empty if body when threading is disabled. 2020-02-06 15:33:02 +01:00
George Thessalonikefs
8e135d5f59 - Document in unbound.conf manpage that configuration clauses can be repeated in the configuration file. 2020-02-06 14:39:58 +01:00
George Thessalonikefs
5d6358b66d - Cleaner code for mesh_serve_expired_lookup. 2020-02-06 14:38:01 +01:00
W.C.A. Wijngaards
4089147351 - Fix to lock and release once in mesh_serve_expired_lookup. 2020-02-06 14:01:45 +01:00
W.C.A. Wijngaards
18ea62e369 - Fix to lock zone before adding rpz qname trigger. 2020-02-06 12:22:15 +01:00
W.C.A. Wijngaards
d000523b00 - Fix to create and destroy rpz_lock in auth_zones structure. 2020-02-06 11:51:17 +01:00
George Thessalonikefs
0758d29324 - Fix num_reply_states and num_detached_states counting with 
serve_expired_callback.
 2020-02-06 11:44:48 +01:00
W.C.A. Wijngaards
af7abd4dfd - Fix num_reply_addr counting in mesh and tcp drop due to size 
after serve_stale commit.
 2020-02-06 11:09:30 +01:00
gthess
f7fe95ad7b
Serve stale (#159) 
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
 2020-02-05 14:20:27 +01:00
Ralph Dolmans
8c88ab4747 - Add assertion to please static analyzer 2020-02-03 16:44:21 +01:00
W.C.A. Wijngaards
7495b25f94 - Fix fclose on error in TLS session ticket code. 2020-01-31 07:49:14 +01:00
Ralph Dolmans
810862dc65 - Stop working on socket when socket() call returns an error. 
- Check malloc return values in TLS session ticket code
 2020-01-30 19:15:58 +01:00
W.C.A. Wijngaards
a4244e79ca - Add getentropy_freebsd.o to Makefile dependencies. 2020-01-30 16:15:51 +01:00
W.C.A. Wijngaards
833021d84d - Add build rule for ipset to Makefile 2020-01-30 16:12:39 +01:00
Ralph Dolmans
2c459443da - Add changelog entry for RPZ merge 2020-01-30 16:04:27 +01:00
Ralph Dolmans
d69ba6f39f - Add changelog entry for memory leak fix 2020-01-30 15:47:49 +01:00
Ralph Dolmans
5dc6798e75 Merge branch 'master' of github.com:NLnetLabs/unbound 2020-01-30 14:58:25 +01:00
Ralph Dolmans
4f5b934688 - Fix small memory leak in error condition remote.c 
- Fix double free in error condition view.c
 2020-01-30 14:56:48 +01:00
W.C.A. Wijngaards
a5f133ef2f - updated .gitignore for added contrib file. 2020-01-30 14:20:08 +01:00
W.C.A. Wijngaards
de5c0d4228 Changelog note for PR#151. 
- Merge PR#151: Fixes for systemd units, by Maryse47, Edmonds
  and Frzk.  Updates the unbound.service systemd file and adds
  a portable systemd service file.
 2020-01-30 14:11:41 +01:00
W.C.A. Wijngaards
20a2574da1 - Update contrib/fastrpz.patch for clean diff with current code. 2020-01-30 13:05:35 +01:00
W.C.A. Wijngaards
bf13191b87 - Fix subnet tests for disabled DSA algorithm by default. 2020-01-30 09:08:19 +01:00
Ralph Dolmans
4326b10169 - Add PR#156 merge to changelog (Added unbound-control view_local_datas_remove 
command)
 2020-01-29 15:46:05 +01:00
W.C.A. Wijngaards
079de39b46 - Fix #157: undefined reference to `htobe64'. 2020-01-29 11:56:29 +01:00
W.C.A. Wijngaards
6c0a863584 - Fix to silence the tls handshake errors for broken pipe and reset 
by peer, unless verbosity is set to 2 or higher.
 2020-01-28 14:32:06 +01:00
Ralph Dolmans
a930b94658 - Add PR#147 merge to changelog 2020-01-28 13:41:26 +01:00
W.C.A. Wijngaards
f6287fc718 - iana portlist updated. 2020-01-28 12:25:37 +01:00
Ralph Dolmans
0feee99055 - Add changelog entry for PR#148. 2020-01-27 16:06:06 +01:00
Ralph Dolmans
41621fb1df - Add changelog entry for RP#154 
- autoconf after PR#154
 2020-01-27 15:50:12 +01:00
W.C.A. Wijngaards
68ff1730ac - Fix #153: Disable validation for DSA algorithms. RFC 8624 
compliance.
 2020-01-27 09:40:18 +01:00
W.C.A. Wijngaards
82a6a2f8cc Changelog note for PR#155. 
- Merge PR#155 from Rober Edmonds: contrib/libunbound.pc.in: Fixes
  to Libs/Requires for crypto library dependencies.
 2020-01-27 09:31:07 +01:00
W.C.A. Wijngaards
61456ff81d Changelog and contrib/README note for PR#150. 
- Merge PR#150 from Frzk: Systemd unit without chroot.  It add
  contrib/unbound_nochroot.service.in, a systemd file for use with
  chroot: "", see comments in the file, it uses systemd protections
  instead.
 2020-01-23 16:16:52 +01:00
W.C.A. Wijngaards
1e0c957dcd - Fix auth zone support for NSEC3 records without salt. 2020-01-14 16:03:29 +01:00
W.C.A. Wijngaards
ea26e5038e - Fix for memory leak when edns subnet config options are read when 
compiled without edns subnet support.
 2020-01-14 15:48:27 +01:00
W.C.A. Wijngaards
2c4be0c201 - Fix crash after reload where a stats lookup could reference old key 
cache and neg cache structures.
 2020-01-14 15:18:52 +01:00
W.C.A. Wijngaards
9b3f3101e3 - Removed the dnscrypt_queries and dnscrypt_queries_chacha tests, 
because dnscrypt-proxy (2.0.36) does not support the test setup
  any more, and also the config file format does not seem to have
  the appropriate keys to recreate that setup.
 2020-01-14 14:40:44 +01:00
W.C.A. Wijngaards
e149bc7046 - Fix unreachable code in ssl set options code. 2020-01-10 11:28:01 +01:00
W.C.A. Wijngaards
a8db52120b - Fix the relationship between serve-expired and prefetch options, 
patch from Saksham Manchanda from Secure64.
 2020-01-10 10:04:50 +01:00
Ralph Dolmans
92a525225b - Add changelog entry for fix #138 (stop binding pidfile inside chroot dir in 
systemd service file).
 2020-01-08 16:36:18 +01:00
W.C.A. Wijngaards
c4e199ecca - And update for more spare space. 2020-01-08 12:58:07 +01:00
W.C.A. Wijngaards
5ae1544583 - Updated sldns_bget_token_par fix for also space for the zero 
delimiter after the character.
 2020-01-08 11:55:42 +01:00
W.C.A. Wijngaards
05a5dc2d0d - Fix out-of-bounds null-byte write in sldns_bget_token_par while 
parsing type WKS, reported by Luis Merino from X41 D-Sec.
 2020-01-08 11:08:16 +01:00
W.C.A. Wijngaards
19473d95eb - Fix 'make test' to work for --disable-sha1 configure option. 2020-01-08 09:23:46 +01:00
George Thessalonikefs
8686b0abbf - Changes to compat/getentropy_solaris.c for, 
ifdef stdint.h inclusion for older systems.
  ifdef sha2.h inclusion for older systems.
 2020-01-07 15:19:15 +02:00
George Thessalonikefs
d68ece28c4 - Downgrade compat/getentropy_solaris.c to version 1.4 from OpenBSD. 
The dl_iterate_phdr() function introduced in newer versions raises
  compilation errors on solaris 10.
 2020-01-07 15:06:14 +02:00
W.C.A. Wijngaards
453c84b237 - Fix #140: Document slave not downloading new zonefile upon update. 2020-01-06 16:36:44 +01:00
W.C.A. Wijngaards
20a3d3be5f (Changelog note for #135). 
- Merge #135 from Florian Obser: Use passed in neg and key cache
  if non-NULL.
 2020-01-06 16:18:46 +01:00
George Thessalonikefs
1d45b4a1e0 - Update mailing list URL. 2019-12-16 16:03:31 +01:00
Ralph Dolmans
90b42b56b6 - Fix typo to let serve-expired-ttl work with ub_ctx_set_option(), by 
Florian Obser
 2019-12-12 13:05:09 +01:00
Ralph Dolmans
f1d5d5d682 Make master 1.9.7 in development. 2019-12-12 12:48:29 +01:00
W.C.A. Wijngaards
41d3e2027c - Fix to make auth zone IXFR to fallback to AXFR if a single 
response RR is received over TCP with the SOA in it.
 2019-12-10 13:09:50 +01:00
W.C.A. Wijngaards
e828d678ba - Fix Makefile.in for ipset module compile, from Adi Prasaja. 2019-12-06 11:31:34 +01:00
W.C.A. Wijngaards
f3c2d05728 - Fix ipsecmod compile. 2019-12-06 07:59:55 +01:00
W.C.A. Wijngaards
4b73b5f299 - tag for 1.9.6rc1. 2019-12-05 11:21:46 +01:00
W.C.A. Wijngaards
ff7d68ca53 - unbound-fuzzers.tar.bz2: three programs for fuzzing, that are 1:1 
replacements for unbound-fuzzme.c that gets created after applying
  the contrib/unbound-fuzzme.patch.  They are contributed by
  Eric Sesterhenn from X41 D-Sec.
 2019-12-05 09:10:49 +01:00
W.C.A. Wijngaards
3fb98a72d2 - Fix Make Test Fails when Configured With --enable-alloc-nonregional, 
reported by X41 D-Sec.
 2019-12-04 16:23:52 +01:00
W.C.A. Wijngaards
6e8b4a7796 - update contrib/fastrpz.patch to apply more cleanly. 2019-12-04 11:41:13 +01:00
W.C.A. Wijngaards
6f7eb3ea9f - Fix testbound for alloccheck runs, memory purify and lock checks. 2019-12-04 11:37:24 +01:00
W.C.A. Wijngaards
216747bb17 - Fix lock type for memory purify log lock deletion. 2019-12-04 09:44:31 +01:00
W.C.A. Wijngaards
8f79119826 - make depend 2019-12-03 17:28:51 +01:00
W.C.A. Wijngaards
4106308bd5 - Fix Hardcoded Constant, reported by X41 D-Sec. 2019-12-03 17:23:38 +01:00
W.C.A. Wijngaards
c4c1f9e5ef - Fix _vfixed not Used, removed from sbuffer code, 
reported by X41 D-Sec.
 2019-12-03 17:07:35 +01:00
W.C.A. Wijngaards
b6f0b1af86 - Fix compile error in dnscrypt. 2019-12-03 16:44:24 +01:00
W.C.A. Wijngaards
68027ab145 - Fix Client NONCE Generation used for Server NONCE, 
reported by X41 D-Sec.
 2019-12-03 16:42:14 +01:00
W.C.A. Wijngaards
4a7ebfabcf - Fix Bad Indentation, in dnscrypt.c, 
reported by X41 D-Sec.
 2019-12-03 16:34:53 +01:00
W.C.A. Wijngaards
9ce6119513 - Fix snprintf() supports the n-specifier, 
reported by X41 D-Sec.
 2019-12-03 16:29:18 +01:00