upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-21 15:21:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6058 commits 23 branches 209 tags 123 MiB
Commit graph

323 commits

Author SHA1 Message Date
Willem Toorop
48ad6477eb AXFR over TLS 
Enable by specifying an auth name, like this:
```
auth-zone:
        name: nlnetlabs.nl
        master: 185.49.140.60#ns.nlnetlabs.nl
```
 2019-03-24 10:43:57 +01:00
Wouter Wijngaards
bb5251da66 - Add log message, at verbosity 4, that says the query is encrypted 
with TLS, if that is enabled for the query.


git-svn-id: file:///svn/unbound/trunk@5136 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-03-18 08:41:39 +00:00
Ralph Dolmans
723845b350 - Fix case in which query timeout can result in marking delegation as 
edns_lame_known.


git-svn-id: file:///svn/unbound/trunk@5089 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-30 13:44:19 +00:00
Ralph Dolmans
f30fe71395 - Get ready for the DNS flag day: remove EDNS lame procedure, do not re-query 
without EDNS after timeout.


git-svn-id: file:///svn/unbound/trunk@5037 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-16 10:23:13 +00:00
Wouter Wijngaards
1b72e814e7 - Fixup openssl 1.0.2 compile 
git-svn-id: file:///svn/unbound/trunk@5019 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-12-10 14:36:43 +00:00
Wouter Wijngaards
71b078611f - Fix #4206: support openssl 1.0.2 for TLS hostname verification, 
alongside the 1.1.0 and later support that is already there.


git-svn-id: file:///svn/unbound/trunk@5018 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-12-10 14:27:24 +00:00
Wouter Wijngaards
b23c373f4d - Refuse to start with no ports. 
git-svn-id: file:///svn/unbound/trunk@4997 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 14:26:16 +00:00
Wouter Wijngaards
2d28fba3bf - Squelch log of failed to tcp initiate after TCP Fastopen failure. 
git-svn-id: file:///svn/unbound/trunk@4937 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-08 13:27:53 +00:00
Wouter Wijngaards
377d5b426a - Add SSL cleanup for tcp timeout. 
git-svn-id: file:///svn/unbound/trunk@4915 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-25 09:01:13 +00:00
Wouter Wijngaards
f82a128909 - Perform TLS SNI indication of the host that is being contacted 
for DNS over TLS service.  It sets the configured tls auth name.
  This is useful for hosts that apart from the DNS over TLS services
  also provide other (web) services.


git-svn-id: file:///svn/unbound/trunk@4914 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-25 08:31:42 +00:00
Wouter Wijngaards
9b6caf5a5b - Fix that with harden-below-nxdomain and qname minisation enabled 
some iterator states for nonresponsive domains can get into a
  state where they waited for an empty list.
- Stop UDP to TCP failover after timeouts that causes the ping count
  to be reset by the TCP time measurement (that exists for TLS),
  because that causes the UDP part to not be measured as timeout.


git-svn-id: file:///svn/unbound/trunk@4912 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-17 11:25:52 +00:00
Wouter Wijngaards
4bf9d12419 - Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more 
easily changed to adjust default rtt assumptions.


git-svn-id: file:///svn/unbound/trunk@4779 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-12 14:15:03 +00:00
Wouter Wijngaards
5d298ed474 - Fix permission denied printed for auth zone probe random port nrs. 
git-svn-id: file:///svn/unbound/trunk@4769 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-03 13:58:49 +00:00
Wouter Wijngaards
23f475bccc - Tentative fix for permission denied on IPv6 address on FreeBSD. 
git-svn-id: file:///svn/unbound/trunk@4754 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-26 08:01:44 +00:00
Wouter Wijngaards
b9607297e9 - For TCP and TLS connections that don't establish, perform address 
update in infra cache, so future selections can exclude them.


git-svn-id: file:///svn/unbound/trunk@4693 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 06:21:39 +00:00
Wouter Wijngaards
6fefbb4115 - Fix fail to reject dead peers in forward-zone, with ssl-upstream. 
git-svn-id: file:///svn/unbound/trunk@4670 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-02 06:36:02 +00:00
Wouter Wijngaards
9d28279475 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: file:///svn/unbound/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
Wouter Wijngaards
5c8819f1ac - Fix for windows compile. 
git-svn-id: file:///svn/unbound/trunk@4563 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-06 09:18:53 +00:00
Wouter Wijngaards
54bd1fdd62 - tls-cert-bundle option in unbound.conf enables TLS authentication. 
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:09 +00:00
Wouter Wijngaards
ad89368b4e auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4521 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 11:59:30 +00:00
Wouter Wijngaards
75eb720ab5 auth zone work on http feature. 
git-svn-id: file:///svn/unbound/trunk@4517 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-07 16:10:31 +00:00
Wouter Wijngaards
cc9a0671f3 auth zone socket creation fix. 
git-svn-id: file:///svn/unbound/trunk@4489 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 15:43:00 +00:00
Wouter Wijngaards
84e819dc31 auth zone move file descriptor functionality to outside network 
for the unit test


git-svn-id: file:///svn/unbound/trunk@4482 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 14:59:17 +00:00
Wouter Wijngaards
30da6bde6f - authzone work, transfer connect. 
git-svn-id: file:///svn/unbound/trunk@4420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-12 15:39:45 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
Wouter Wijngaards
b320c7ebd5 - Fix issue on macOX 10.10 where TCP fast open is detected but not 
implemented causing TCP to fail. The fix allows fallback to regular
  TCP in this case and is also more robust for cases where connectx()
  fails for some reason.


git-svn-id: file:///svn/unbound/trunk@4304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 11:44:46 +00:00
Wouter Wijngaards
7ebe1fe115 - More fixes in depth for buffer checks in 0x20 qname checks. 
git-svn-id: file:///svn/unbound/trunk@4225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:34:44 +00:00
Wouter Wijngaards
843bd4156e - Fix #1280: Unbound fails assert when response from authoritative 
contains malformed qname.  When 0x20 caps-for-id is enabled, when
  assertions are not enabled the malformed qname is handled correctly.
- 1.6.3 tag created, with only #1280 fix, trunk is 1.6.4 development.


git-svn-id: file:///svn/unbound/trunk@4224 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:25:47 +00:00
Wouter Wijngaards
4e502fd624 - Set SO_REUSEADDR on outgoing tcp connections to fix the bind before 
connect limited tcp connections.  With the option tcp connections
  can share the same source port (for different destinations).


git-svn-id: file:///svn/unbound/trunk@4151 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-08 10:41:03 +00:00
Wouter Wijngaards
ad2e157763 - Fix tcp-mss failure printout text. 
git-svn-id: file:///svn/unbound/trunk@4150 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-08 07:15:48 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Wouter Wijngaards
2127c65561 - Fix dnstap relaying "random" messages instead of resolver/forwarder 
responses, from Nikolay Edigaryev.


git-svn-id: file:///svn/unbound/trunk@3869 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-27 11:56:55 +00:00
Wouter Wijngaards
42f14e7c4d - Fix #802: workaround for function parameters that are "unused" 
without log_assert.


git-svn-id: file:///svn/unbound/trunk@3823 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-22 07:05:52 +00:00
Wouter Wijngaards
e71f0b2f34 - Fix #798: Client-side TCP fast open fails (Linux). 
git-svn-id: file:///svn/unbound/trunk@3819 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-18 13:54:32 +00:00
Wouter Wijngaards
95e9dff362 - TCP Fast open patch from Sara Dickinson. 
git-svn-id: file:///svn/unbound/trunk@3814 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-14 07:06:34 +00:00
Wouter Wijngaards
48ca4dc880 lint. 
git-svn-id: file:///svn/unbound/trunk@3813 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-07 10:31:50 +00:00
Wouter Wijngaards
1394dcba69 - Fix #787: outgoing-interface netblock/64 ipv6 option to use linux 
freebind to use 64bits of entropy for every query with random local
  part.


git-svn-id: file:///svn/unbound/trunk@3804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:51:30 +00:00
Wouter Wijngaards
031caba9c0 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: file:///svn/unbound/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
Wouter Wijngaards
3904c2be9a fixup upstream edns opts. 
git-svn-id: file:///svn/unbound/trunk@3741 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:52:33 +00:00
Wouter Wijngaards
3e41fd11fc - Fix #759: 0x20 capsforid no longer checks type PTR, for 
compatibility with cisco dns guard.  This lowers false positives.


git-svn-id: file:///svn/unbound/trunk@3715 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-28 07:24:50 +00:00
Wouter Wijngaards
636e2ef520 please lint. 
git-svn-id: file:///svn/unbound/trunk@3704 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 12:39:16 +00:00
Wouter Wijngaards
f64c2d8d08 Slightly more general (i.e. for TYPE0 too). 
git-svn-id: file:///svn/unbound/trunk@3703 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 12:23:21 +00:00
Wouter Wijngaards
0d5d685514 Explain what we do. 
git-svn-id: file:///svn/unbound/trunk@3702 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 12:00:57 +00:00
Wouter Wijngaards
e77a3a9941 - Fix some malformed reponses to edns queries get fallback to nonedns. 
git-svn-id: file:///svn/unbound/trunk@3701 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 11:56:55 +00:00
Wouter Wijngaards
9f8b2bb468 - ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for 
binding to an IP address while the interface or address is down.


git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-15 09:35:48 +00:00
Wouter Wijngaards
4f1625afb7 - Fix #747: assert in outnet_serviced_query_stop. 
git-svn-id: file:///svn/unbound/trunk@3646 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-07 10:00:08 +00:00
Wouter Wijngaards
dd8b5729f2 Fix signed-unsigned lint warnings in tcp-mss. 
git-svn-id: file:///svn/unbound/trunk@3592 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:08:37 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Wouter Wijngaards
f03d3b870e - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
Wouter Wijngaards
e0631733a6 - Fix crash in dnstap: Do not try to log TCP responses after timeout. 
git-svn-id: file:///svn/unbound/trunk@3390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-08 19:58:06 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
77088b12ff - Add ip-transparent config option for bind to non-local addresses. 
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:50:35 +00:00
Wouter Wijngaards
339a6be27d More unsigned chasts for toupper/tolower/ctype 
git-svn-id: file:///svn/unbound/trunk@3242 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-13 08:35:00 +00:00
Wouter Wijngaards
6a7193a016 - Fix tcp timer waiting list removal code. 
git-svn-id: file:///svn/unbound/trunk@3222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-09-16 13:08:27 +00:00
Wouter Wijngaards
4153f386d1 remove warning. 
git-svn-id: file:///svn/unbound/trunk@3213 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-22 13:38:30 +00:00
Wouter Wijngaards
8ccba42b1f - dnstap support, with a patch from Farsight Security, written by 
Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
  It is BSD licensed (see dnstap/dnstap.c).
  Building with --enable-dnstap needs pkg-config with this patch.
- Noted dnstap in doc/README and doc/CREDITS.


git-svn-id: file:///svn/unbound/trunk@3206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-05 07:57:52 +00:00
Wouter Wijngaards
bc7f906590 - Fix caps-for-id fallback, and added fallback attempt when servers 
drop 0x20 perturbed queries.


git-svn-id: file:///svn/unbound/trunk@3146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-24 08:24:28 +00:00
Wouter Wijngaards
c19f818c52 - Fix #545: improved logging, the ip address of the error is printed 
on the same log-line as the error.


git-svn-id: file:///svn/unbound/trunk@3112 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 14:40:20 +00:00
Wouter Wijngaards
330b3219a0 - unbound-control stats prints num.query.tcpout with number of TCP 
outgoing queries made in the previous statistics interval.


git-svn-id: file:///svn/unbound/trunk@3108 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 09:13:58 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
0fbe678e68 - delay-close does not act if there are udp-wait queries, so that 
it does not make a socketdrain DoS easier.


git-svn-id: file:///svn/unbound/trunk@3059 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-30 09:27:00 +00:00
Wouter Wijngaards
d8e5a83392 - delay-close: msec option that delays closing ports for which 
the UDP reply has timed out.  Keeps the port open, only accepts
  the correct reply.  This correct reply is not used, but the port
  is open so that no port-denied ICMPs are generated.


git-svn-id: file:///svn/unbound/trunk@3058 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-28 14:35:55 +00:00
Wouter Wijngaards
958b2bcf96 - reuseport is attempted, then fallback to without on failure. 
git-svn-id: file:///svn/unbound/trunk@3054 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-27 10:27:19 +00:00
Wouter Wijngaards
60511959ab - so-reuseport: yesno option to distribute queries evenly over 
threads on Linux (Thanks Robert Edmonds).


git-svn-id: file:///svn/unbound/trunk@3049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-24 11:43:38 +00:00
Wouter Wijngaards
d3cbd76546 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: file:///svn/unbound/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
Wouter Wijngaards
29e96e86c9 - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
Wouter Wijngaards
d6e6354f36 - Set SO_REUSEADDR so that the wildcard interface and a more specific 
interface port 53 can be used at the same time, and one of the
  daemons is unbound.


git-svn-id: file:///svn/unbound/trunk@2996 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:06:11 +00:00
Wouter Wijngaards
5db366f99f - review fixes from Willem. 
git-svn-id: file:///svn/unbound/trunk@2945 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-22 14:10:29 +00:00
Wouter Wijngaards
c845aceee4 - more fixes that I overlooked. 
git-svn-id: file:///svn/unbound/trunk@2944 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-22 07:33:51 +00:00
Wouter Wijngaards
f1fd2b53eb - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: file:///svn/unbound/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
Wouter Wijngaards
501c63598b ifs for portability with NSS. 
git-svn-id: file:///svn/unbound/trunk@2853 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-22 15:16:27 +00:00
Matthijs Mekking
5361b081d3 review, found nothing, except for layout and typo 
git-svn-id: file:///svn/unbound/trunk@2785 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-12-03 14:28:06 +00:00
Wouter Wijngaards
9046a52364 - Fix that enables modules to register twice for the same 
serviced_query, without race conditions or administration issues.
  This should not happen with the current codebase, but it is robust.


git-svn-id: file:///svn/unbound/trunk@2730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-31 11:33:06 +00:00
Wouter Wijngaards
42e23da129 Fix compilation without SSL. 
git-svn-id: file:///svn/unbound/trunk@2698 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-22 09:11:41 +00:00
Wouter Wijngaards
9429092966 - Fix to squelch 'network unreachable' errors from tcp connect in 
logs, high verbosity will show them.


git-svn-id: file:///svn/unbound/trunk@2634 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-23 09:01:46 +00:00
Wouter Wijngaards
682ff957ed lint and doxygen fixes. 
git-svn-id: file:///svn/unbound/trunk@2631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 10:08:07 +00:00
Wouter Wijngaards
09b9ea04a3 - Fix timeouts to keep track of query type, A, AAAA and other, if 
another has caused timeout blacklist, different type can still probe.


git-svn-id: file:///svn/unbound/trunk@2613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:17:25 +00:00
Wouter Wijngaards
1238b7979f - Fix for memory leak (about 20 bytes when a tcp or udp send 
operation towards authority servers failed, takes about 50.000
such failures to leak one Mb, such failures are also
usually logged), reported by Robert Fleischmann.



git-svn-id: file:///svn/unbound/trunk@2578 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-24 11:27:53 +00:00
Wouter Wijngaards
35172e89f4 - Fix for tcp-upstream and ssl-upstream for if a laptop sleeps, 
causes SERVFAILs.  Also fixed for UDP (but less likely).


git-svn-id: file:///svn/unbound/trunk@2559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-30 13:39:11 +00:00
Wouter Wijngaards
a1c76554a2 - Makefile changed for BSD make compatibility. 
git-svn-id: file:///svn/unbound/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
Wouter Wijngaards
9a0b040403 fix tests, the ssl upstream setting is per-query (inside outside_network.c). 
git-svn-id: file:///svn/unbound/trunk@2535 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-01 10:18:56 +00:00
Wouter Wijngaards
115c36a94e support for ssl-upstream (works from unbound-control). 
git-svn-id: file:///svn/unbound/trunk@2532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-01 09:26:58 +00:00
Wouter Wijngaards
aa0536dcb5 - dns over ssl support, ssl-service-pem and ssl-service-key files 
can be given and then TCP queries are serviced wrapped in SSL.


git-svn-id: file:///svn/unbound/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-31 14:48:48 +00:00
Wouter Wijngaards
11f5e16932 infra cache consolidated and stores per zone, IP. 
git-svn-id: file:///svn/unbound/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
Wouter Wijngaards
68d82e9ce4 - TCP-upstream calculates tcp-ping so server selection works if there 
are alternatives.


git-svn-id: file:///svn/unbound/trunk@2502 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-23 12:56:28 +00:00
Wouter Wijngaards
f82a0847eb - max sent count. EDNS1480 only for rtt < 5000. No promiscuous 
fetch if sentcount > 3, stop query if sentcount > 16.  Count is
reset when referral or CNAME happens.  This makes unbound better
at managing large NS sets, they are explored when there is continued
interest (in the form of queries).


git-svn-id: file:///svn/unbound/trunk@2499 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:11:12 +00:00
Wouter Wijngaards
b72d40f3dd - fix various compiler warnings (reported by Paul Wouters). 
git-svn-id: file:///svn/unbound/trunk@2497 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 11:35:01 +00:00
Wouter Wijngaards
c4cac78f10 fix EDNS1480. 
git-svn-id: file:///svn/unbound/trunk@2496 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 10:04:08 +00:00
Wouter Wijngaards
365f87a4a4 fix memleak and add edns section when 1480 probe. 
git-svn-id: file:///svn/unbound/trunk@2493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-15 15:35:04 +00:00
Wouter Wijngaards
1af30c02fc After UDP timeout EDNS1480 probe, stop fragmentation caused trouble. 
git-svn-id: file:///svn/unbound/trunk@2492 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-15 14:32:17 +00:00
Wouter Wijngaards
af93d6033c revert earlier commit. 
git-svn-id: file:///svn/unbound/trunk@2488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-12 11:28:14 +00:00
Wouter Wijngaards
d56aef7b33 - Fix validation failures due to EDNS backoff retries, the retry 
for fetch of data has want_dnssec because the iter_indicate_dnssec
         function returns true when validation failure retry happens, and
         then the serviced query code does not fallback to noEDNS, even if
         the cache says it has this.  This helps for DLV deployment when
         the DNSSEC status is not known for sure before the lookup concludes.


git-svn-id: file:///svn/unbound/trunk@2483 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-26 09:00:43 +00:00
Wouter Wijngaards
05e118b7d5 tcp upstream option. 
git-svn-id: file:///svn/unbound/trunk@2480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 13:58:40 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00
Wouter Wijngaards
8c5b3d3c8f - so-sndbuf option for very busy servers, a bit like so-rcvbuf. 
git-svn-id: file:///svn/unbound/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 14:30:34 +00:00
Wouter Wijngaards
a3a1119f54 - Change the rtt used to probe EDNS-timeout hosts to 1000 msec. 
git-svn-id: file:///svn/unbound/trunk@2329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-03 09:06:49 +00:00
Wouter Wijngaards
2bdb094f7b - Fix bug where fallback_tcp causes wrong roundtrip and edns 
observation to be noted in cache.  Fix bug where EDNSprobe halted
  exponential backoff if EDNS status unknown.
- new unresponsive host method, exponentially increasing block backoff.
- iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2303 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-21 15:11:39 +00:00
Wouter Wijngaards
1b773f682f - Fix TCP so it uses a random outgoing-interface. 
git-svn-id: file:///svn/unbound/trunk@2280 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 08:52:29 +00:00
Wouter Wijngaards
bc54fa3e58 addr_is_any 
git-svn-id: file:///svn/unbound/trunk@2279 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 07:59:55 +00:00
Wouter Wijngaards
75bce22b30 - EDNS timeout code will not fire if EDNS status already known. 
- EDNS failure not stored if EDNS status known to work.


git-svn-id: file:///svn/unbound/trunk@2115 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-21 11:00:35 +00:00
Wouter Wijngaards
8452c8cd5d Includes for BSD4. 
git-svn-id: file:///svn/unbound/trunk@2080 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-15 14:53:55 +00:00
Wouter Wijngaards
18a7df3d5c - Fix EDNS probe for .de DNSSEC testbed failure, where the infra 
cache timeout coincided with a server update, the current EDNS 
  backoff is less sensitive, and does not cache the backoff unless 
  the backoff actually works and the domain is not expecting DNSSEC.


git-svn-id: file:///svn/unbound/trunk@2063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-06 08:35:37 +00:00
Wouter Wijngaards
75565262f7 Fixed random numbers for port, interface and server selection. 
Removed very small bias.
Also some lint fixes.



git-svn-id: file:///svn/unbound/trunk@2049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-18 14:42:22 +00:00
Wouter Wijngaards
147d47eee7 Move includes to code files. 
git-svn-id: file:///svn/unbound/trunk@2035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-12 15:17:48 +00:00
Wouter Wijngaards
479bebfff4 please lint on FreeBSD6 
git-svn-id: file:///svn/unbound/trunk@1889 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-05 11:12:06 +00:00
Wouter Wijngaards
586893d761 lint fixes on FreeBSD 7. 
git-svn-id: file:///svn/unbound/trunk@1888 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-05 10:39:12 +00:00
Wouter Wijngaards
1727bfc34e please doxygen. 
git-svn-id: file:///svn/unbound/trunk@1883 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-29 12:55:26 +00:00
Wouter Wijngaards
1d8013c67a do-udp: no fixed. 
git-svn-id: file:///svn/unbound/trunk@1882 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-29 12:11:38 +00:00
Wouter Wijngaards
d59a8baec2 so-rcvbuf option. 
git-svn-id: file:///svn/unbound/trunk@1851 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-25 08:54:50 +00:00
Wouter Wijngaards
165a235f4d debug prints for high verbosity 
git-svn-id: file:///svn/unbound/trunk@1830 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-15 14:03:44 +00:00
Wouter Wijngaards
ec30ae3ca6 Fixup for EDNS probe (neater than patch on mailing list). 
git-svn-id: file:///svn/unbound/trunk@1684 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-26 13:15:06 +00:00
Wouter Wijngaards
caaa90a200 Removed debug statement. 
git-svn-id: file:///svn/unbound/trunk@1627 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-05-27 12:28:23 +00:00
Wouter Wijngaards
7758098250 change in debug statements. 
git-svn-id: file:///svn/unbound/trunk@1625 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-05-27 11:27:41 +00:00
Wouter Wijngaards
b86b9f7fdc Fix IPv6 detection on XP. 
Fix loop to service on quit when there are messages waiting.

git-svn-id: file:///svn/unbound/trunk@1624 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-05-27 08:24:19 +00:00
Wouter Wijngaards
578c1632ce Windows handle leakage fixes: closesocket or else the networkstack leaks handles (for ever, even after closing the application), and use own mutex implementation (whee!). 
git-svn-id: file:///svn/unbound/trunk@1622 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-29 15:23:08 +00:00
Wouter Wijngaards
a30d1f9f20 Neater configure and no double config.h includes. 
git-svn-id: file:///svn/unbound/trunk@1545 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-24 10:42:57 +00:00
Wouter Wijngaards
cf068986ff more cycle checks. 
fix for reentrant problem.


git-svn-id: file:///svn/unbound/trunk@1485 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-18 13:23:17 +00:00
Wouter Wijngaards
69af0f10e9 Elusive bad-file-descriptor error caught. 
git-svn-id: file:///svn/unbound/trunk@1333 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-05 14:56:49 +00:00
Wouter Wijngaards
6cebdd2baf unwanted reply threshold like in the draft. 
git-svn-id: file:///svn/unbound/trunk@1321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-22 14:36:46 +00:00
Wouter Wijngaards
dbaa5194a6 Recursion lame is detected and last resort is used to resolve. 
git-svn-id: file:///svn/unbound/trunk@1294 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-13 09:11:42 +00:00
Wouter Wijngaards
939fabd809 0x20 fallback code. 
git-svn-id: file:///svn/unbound/trunk@1285 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-06 14:46:22 +00:00
Wouter Wijngaards
d4fadf55a8 EDNS fallback when timeout and multiple query rtt backoff. 
git-svn-id: file:///svn/unbound/trunk@1272 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-29 14:50:35 +00:00
Wouter Wijngaards
636f742ef0 extended statistics. 
git-svn-id: file:///svn/unbound/trunk@1239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-16 14:08:38 +00:00
Wouter Wijngaards
014cc821ba Fix bug #201 
git-svn-id: file:///svn/unbound/trunk@1173 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-04 12:15:12 +00:00
Wouter Wijngaards
fc3fc7a1f3 unit test, testbound, basic udp and tcp tests are working on XP. 
ipv6 not supported by OS is a warning (nonfatal).

git-svn-id: file:///svn/unbound/trunk@1127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-06-18 14:27:30 +00:00
Wouter Wijngaards
4a6d702edf - mingw32 porting. 
- test for sys/wait.h
          - WSAEWOULDBLOCK test after nonblocking TCP connect.
          - write_iov_buffer removed: unused and no struct iov on windows.
          - signed/unsigned warning fixup mini_event.
          - use ioctlsocket to set nonblocking I/O if fnctl is unavailable.
          - skip signals that are not defined
          - detect pwd.h.
          - detect getpwnam, getrlimit, setsid, sbrk, chroot.
          - default config has no chroot if chroot() unavailable.
          - if no kill() then no pidfile is read or written.
          - gmtime_r is replaced by nonthreadsafe alternative if unavail.
            used in rrsig time validation errors.


git-svn-id: file:///svn/unbound/trunk@1097 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-05-23 14:13:07 +00:00
Wouter Wijngaards
fa07056f79 mingw port. 
relabel replaced functions to avoid conflicts with library.

git-svn-id: file:///svn/unbound/trunk@1093 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-05-22 13:30:22 +00:00
Wouter Wijngaards
8d472c8cf8 fixup no-ip4 error callback. 
git-svn-id: file:///svn/unbound/trunk@1077 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-05-07 07:53:57 +00:00
Wouter Wijngaards
2904445bd2 Fixup. 
git-svn-id: file:///svn/unbound/trunk@1032 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-11 16:05:55 +00:00
Wouter Wijngaards
0f80e5e78a - removed base_port. 
- created 256-port ephemeral space for the OS, 59802 available.


git-svn-id: file:///svn/unbound/trunk@1030 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-11 14:10:16 +00:00
Wouter Wijngaards
a8bf62f962 - random port selection out of the configged ports. 
- fixup threadsafety for libevent-1.4.3+ (event_base_get_method).



git-svn-id: file:///svn/unbound/trunk@1029 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-11 13:24:49 +00:00
Wouter Wijngaards
46e703c989 libev can be used (but not multithreaded) and del fd unused. 
git-svn-id: file:///svn/unbound/trunk@1023 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-09 11:58:53 +00:00
Wouter Wijngaards
d26b183ba6 - unbound tries to set the ulimit fds when started as server. 
if that does not work, it will scale back its requirements.


git-svn-id: file:///svn/unbound/trunk@1022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-08 15:02:52 +00:00
Wouter Wijngaards
130a5f2dee can use DNS-0x20 draft casing. 
git-svn-id: file:///svn/unbound/trunk@994 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-27 09:21:31 +00:00
Wouter Wijngaards
f3cfe6ed9c - setup speec_cache for need-ldns-testns in dotests. 
- check number of queued replies on incoming queries to avoid overload
         on that account.
       - fptr whitelist checks are not disabled in optimize mode.



git-svn-id: file:///svn/unbound/trunk@971 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-20 07:18:42 +00:00
Wouter Wijngaards
b2710818d4 Faster due to time-sharing. 
git-svn-id: file:///svn/unbound/trunk@966 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-19 13:12:23 +00:00
Wouter Wijngaards
849026931b move around debug levels. 
git-svn-id: file:///svn/unbound/trunk@929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-07 09:46:49 +00:00
Wouter Wijngaards
da073cfc3e fallback EDNS on NOTIMPL. 
git-svn-id: file:///svn/unbound/trunk@928 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-06 15:08:38 +00:00
Wouter Wijngaards
635c65f4ed remove DEBUG 
git-svn-id: file:///svn/unbound/trunk@912 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-30 16:35:34 +00:00
Wouter Wijngaards
2b4ef794b9 logging nicer, removal of reply_iov. 
git-svn-id: file:///svn/unbound/trunk@911 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-30 14:46:01 +00:00
Wouter Wijngaards
179273a13a interface-automatic (IP6mapped, good for anycast service and so on). 
git-svn-id: file:///svn/unbound/trunk@847 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-15 09:45:30 +00:00
Wouter Wijngaards
75073cefea library resolution working. 
git-svn-id: file:///svn/unbound/trunk@809 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-12-06 15:11:07 +00:00
Wouter Wijngaards
fcac316d63 coverity run fixes. 
git-svn-id: file:///svn/unbound/trunk@803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-12-04 17:54:14 +00:00
Wouter Wijngaards
b9c417481b keep tcp address around for acl. 
git-svn-id: file:///svn/unbound/trunk@770 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-19 16:31:22 +00:00
Wouter Wijngaards
90df76f931 nicer error, random() improved. 
git-svn-id: file:///svn/unbound/trunk@707 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-19 12:10:13 +00:00
Wouter Wijngaards
c8c099960a outgoing interfaces setting possible. 
git-svn-id: file:///svn/unbound/trunk@704 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-19 08:32:36 +00:00
Wouter Wijngaards
268ada0d33 errors have addresses with them. 
git-svn-id: file:///svn/unbound/trunk@692 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-18 09:04:55 +00:00
Wouter Wijngaards
907ab3d99a failover to next server. 
git-svn-id: file:///svn/unbound/trunk@691 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-17 19:23:01 +00:00