upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-21 15:21:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6058 commits 23 branches 209 tags 123 MiB
Commit graph

102 commits

Author SHA1 Message Date
Willem Toorop
48ecf95108 Merge branch 'master' into features/padding 2021-01-22 10:29:50 +01:00
W.C.A. Wijngaards
e50152aa1f - Fix readagain and writeagain callback functions for comm point 
cleanup.
 2020-11-25 13:46:28 +01:00
W.C.A. Wijngaards
4b644b7965 - Better fix for reuse tree comparison for is-tls sockets. Where 
the tree key identity is preserved after cleanup of the TLS state.
 2020-11-25 10:22:11 +01:00
Wouter Wijngaards
ead06af086 Merge branch 'master' into stream-reuse 2020-11-24 08:20:07 +01:00
W.C.A. Wijngaards
9cc8aa1ddf - Option to toggle udp-connect, default is enabled. 2020-11-23 11:06:53 +01:00
W.C.A. Wijngaards
6b97cb1dd1 stream reuse, up connection reuse time to 60 seconds. 2020-11-23 10:36:22 +01:00
W.C.A. Wijngaards
4445d9c5aa stream reuse, fix review comments. 2020-11-23 09:44:56 +01:00
W.C.A. Wijngaards
2eb39abbaf - Fix that reuse_tcp_close_oldest sets item_on_lru_list to 0. 
- Fix to add assertions to reuse_tcp_select_id and unit test.
- Fix that if no tcp buffers then pending tcp query stops.
 2020-10-21 09:49:55 +02:00
W.C.A. Wijngaards
2932d530c1 stream reuse, send queries one by one when upstream refuses multiple queries, 
by closing the connection.
 2020-07-27 16:59:46 +02:00
W.C.A. Wijngaards
9b583d2331 stream reuse, the id for pending stored in waiting_tcp structure, because 
there can be multiple messages waiting for reply.
 2020-07-09 13:58:44 +02:00
W.C.A. Wijngaards
d033ce6c23 tcp callback function refactor, split read and timeout event setup, leave 
unused queries that are already sent to track their reply on the query
pipeline, when serviced query is deleted deal with the write wait list,
 2020-06-25 17:23:46 +02:00
W.C.A. Wijngaards
39a50f30a3 tcp callback handle timeout event for read and reuse keepalive. 2020-06-25 14:26:29 +02:00
W.C.A. Wijngaards
75da272afe reuse tcp id_cmp function. clear list and tree after delete. clear when 
decommisioned. callbacks when closed for lru space, and when closed because
not kept open.
 2020-06-24 16:28:42 +02:00
W.C.A. Wijngaards
8ca34be36a fix reuse tcp crash, use addr in reuse struct, free leaked tcp entries. 2020-06-24 10:09:49 +02:00
W.C.A. Wijngaards
4b6e41e3de fix documentation for waiting_tcp pkt NULL setting. 2020-06-19 17:37:23 +02:00
W.C.A. Wijngaards
a1babfff1e add bool if on tcp waiting list, so that pkt can be stored. 
remove pkt args from outnet_tcp_take_into_use, use w.pkt.
 2020-06-19 17:31:36 +02:00
W.C.A. Wijngaards
a695ba447c set timeout to wait for reuse 
add comm_point indicator for write events for reuse stream writes.
 2020-06-09 16:15:03 +02:00
W.C.A. Wijngaards
0f3c638193 find reuse find tcp loop code for multiple connections to the same destination 
find spare id value in reused connection.
 2020-06-03 12:10:31 +02:00
W.C.A. Wijngaards
d1904bd509 tree key addr 2020-05-26 16:27:45 +02:00
W.C.A. Wijngaards
aad363ddd1 rename next,prev to lru_next,lru_prev for clarity. 2020-05-26 13:41:07 +02:00
W.C.A. Wijngaards
1a6cc6e5dc fixup lru list presence boolean. 2020-05-26 08:46:36 +02:00
W.C.A. Wijngaards
a83f5d7260 Merge branch 'master' into stream-reuse 2020-05-20 15:39:50 +02:00
gthess
334498d9b9
Merge pull request #221 from NLnetLabs/more-SNI 
More SNI support on TLS
 2020-04-17 11:37:47 +02:00
George Thessalonikefs
e430e95d30 - Add SNI support on more TLS connections (fixes #193). 
- Add SNI support to unbound-anchor.
 2020-04-16 14:39:05 +02:00
George Thessalonikefs
e18ab07c62 - Add doxygen documentation for DSCP. 2020-04-16 13:58:35 +02:00
Willem Toorop
4f78b37c61 Down- and upstream padding a la RFC7830 & RFC8467 2020-04-02 18:34:03 +02:00
Yaroslav K
cfddbcb5be add setting IP DiffServ Codepoint (DSCP, previously TOS) on sockets 2020-03-23 19:37:43 +00:00
Florian Obser
5aaa5e253d Allow the kernel to provide random source ports. 
On some operating systems, for example OpenBSD since some decades, the
kernel binds to a random source port if asked for any port (port
number 0). There is no need to replicate this functionality in
userland.
 2020-02-20 14:54:06 +01:00
W.C.A. Wijngaards
57aefd102e Stream reuse branch, for TCP and TLS stream reuse. 
This is for upstream pipes and using them again for the next query.

Signposted code for reuse_tcp structure in outside_network.h
 2020-01-16 17:12:32 +01:00
W.C.A. Wijngaards
af11b54071 Review changes for the XoT branch 
With doc, SSL setup function, and function parameter doc.
 2019-04-29 10:25:19 +02:00
Willem Toorop
48ad6477eb AXFR over TLS 
Enable by specifying an auth name, like this:
```
auth-zone:
        name: nlnetlabs.nl
        master: 185.49.140.60#ns.nlnetlabs.nl
```
 2019-03-24 10:43:57 +01:00
Ralph Dolmans
f30fe71395 - Get ready for the DNS flag day: remove EDNS lame procedure, do not re-query 
without EDNS after timeout.


git-svn-id: file:///svn/unbound/trunk@5037 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-16 10:23:13 +00:00
Wouter Wijngaards
6fefbb4115 - Fix fail to reject dead peers in forward-zone, with ssl-upstream. 
git-svn-id: file:///svn/unbound/trunk@4670 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-02 06:36:02 +00:00
Wouter Wijngaards
c16a32d2be fix doxygen comments. 
git-svn-id: file:///svn/unbound/trunk@4632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:16:10 +00:00
Wouter Wijngaards
9d28279475 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: file:///svn/unbound/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
Wouter Wijngaards
75eb720ab5 auth zone work on http feature. 
git-svn-id: file:///svn/unbound/trunk@4517 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-07 16:10:31 +00:00
Wouter Wijngaards
392be1e787 auth zone fix comment 
git-svn-id: file:///svn/unbound/trunk@4483 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 15:19:23 +00:00
Wouter Wijngaards
84e819dc31 auth zone move file descriptor functionality to outside network 
for the unit test


git-svn-id: file:///svn/unbound/trunk@4482 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 14:59:17 +00:00
Wouter Wijngaards
30da6bde6f - authzone work, transfer connect. 
git-svn-id: file:///svn/unbound/trunk@4420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-12 15:39:45 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Wouter Wijngaards
1394dcba69 - Fix #787: outgoing-interface netblock/64 ipv6 option to use linux 
freebind to use 64bits of entropy for every query with random local
  part.


git-svn-id: file:///svn/unbound/trunk@3804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:51:30 +00:00
Wouter Wijngaards
031caba9c0 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: file:///svn/unbound/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
Wouter Wijngaards
dd8b5729f2 Fix signed-unsigned lint warnings in tcp-mss. 
git-svn-id: file:///svn/unbound/trunk@3592 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:08:37 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Wouter Wijngaards
8ccba42b1f - dnstap support, with a patch from Farsight Security, written by 
Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
  It is BSD licensed (see dnstap/dnstap.c).
  Building with --enable-dnstap needs pkg-config with this patch.
- Noted dnstap in doc/README and doc/CREDITS.


git-svn-id: file:///svn/unbound/trunk@3206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-05 07:57:52 +00:00
Wouter Wijngaards
bc7f906590 - Fix caps-for-id fallback, and added fallback attempt when servers 
drop 0x20 perturbed queries.


git-svn-id: file:///svn/unbound/trunk@3146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-24 08:24:28 +00:00
Wouter Wijngaards
330b3219a0 - unbound-control stats prints num.query.tcpout with number of TCP 
outgoing queries made in the previous statistics interval.


git-svn-id: file:///svn/unbound/trunk@3108 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 09:13:58 +00:00
Matthijs Mekking
492a5ca681 only whitespace changes 
git-svn-id: file:///svn/unbound/trunk@3088 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-18 13:54:19 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00