upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-22 15:50:59 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6058 commits 23 branches 209 tags 123 MiB
Commit graph

701 commits

Author SHA1 Message Date
W.C.A. Wijngaards
d8b7b5ee27 fix to set pending pointer in reuse tcp structure 
fix debug output of reuse tcp and test leak of process
 2020-06-09 09:14:01 +02:00
W.C.A. Wijngaards
fd723aed27 tcp connection is stored and picked up for reuse 
fix that comm_point_start_listening does not close the same fd that is started.
 2020-06-03 17:24:26 +02:00
W.C.A. Wijngaards
7b46067029 add test for tcp reuse 2020-06-03 10:01:51 +02:00
W.C.A. Wijngaards
f37242566b - For PR #93: unit test for dynlib module. 2020-05-19 15:49:08 +02:00
George Thessalonikefs
1bd4dbf302 - New include directive 'include-toplevel:'. It closes the previous 
clause (if any) and requires that all included files explicitly
  start a clause.
 2020-04-29 11:23:12 +02:00
George Thessalonikefs
a269db3828 - Explicitly use 'rrset-roundrobin: no' for test cases. 2020-04-22 19:27:20 +02:00
Yaroslav K
c0118410a2 add ip-dscp configuration option for setting IP DiffServ codepoint (DSCP, previously TOS) on sockets 2020-03-23 19:37:43 +00:00
W.C.A. Wijngaards
3753d01253 dnstap io, test for client authentication, unbound can send client 
authentication credentials, when configured, and unbound-dnstap-socket can
verify the client credentials, and refuses the connection if missing.
 2020-02-18 16:30:13 +01:00
W.C.A. Wijngaards
9556d59536 dnstap io, test that failed name or auth certificate fails to connect tls. 2020-02-18 14:18:03 +01:00
W.C.A. Wijngaards
2106692a89 dnstap io, test TLS with peername and TLS authentication. 2020-02-14 15:44:55 +01:00
W.C.A. Wijngaards
4d3524f496 dnstap io, test for TLS and reconnect for that. And fix unused parameters 
for dt_create and fix check of socket path when using IP address.
 2020-02-14 14:44:02 +01:00
W.C.A. Wijngaards
7da19e96ce dnstap io, test for TCP and reconnect for that. 2020-02-14 14:16:56 +01:00
W.C.A. Wijngaards
e5e72eb398 Merge branch 'master' into framestreams 2020-02-12 11:58:01 +01:00
W.C.A. Wijngaards
7e061e4d5f Fix test to check if server up afterwards 2020-02-06 10:25:47 +01:00
W.C.A. Wijngaards
58fdcf06e8 Merge branch 'master' into framestreams 2020-02-05 14:25:47 +01:00
gthess
f7fe95ad7b
Serve stale (#159) 
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
 2020-02-05 14:20:27 +01:00
W.C.A. Wijngaards
8dd683768b Merge branch 'master' into framestreams 2020-01-30 16:22:12 +01:00
Ralph Dolmans
056176ec9a Merge branch 'master' into rpz 2020-01-30 15:57:34 +01:00
W.C.A. Wijngaards
dd1b35412f dnstap io, add reconnect test. 2020-01-30 15:13:25 +01:00
W.C.A. Wijngaards
8aa338ba2d dnstap io, test threads in unit test. 2020-01-30 14:57:03 +01:00
W.C.A. Wijngaards
36dd4a2124 Merge branch 'master' into framestreams 2020-01-30 13:06:52 +01:00
W.C.A. Wijngaards
bf13191b87 - Fix subnet tests for disabled DSA algorithm by default. 2020-01-30 09:08:19 +01:00
W.C.A. Wijngaards
bb55cc1685 dnstap unit test. 2020-01-21 14:02:45 +01:00
Ralph Dolmans
e00ce7e02e - extend rpz_respip.rpl with ipv6 without zz label case 2020-01-16 17:52:09 +01:00
Ralph Dolmans
b78373216d - Add cname target wc synth. to testbound test 2020-01-16 12:39:23 +01:00
Ralph Dolmans
9877e52161 Merge branch 'master' of github.com:NLnetLabs/unbound into rpz 2020-01-15 23:44:10 +01:00
W.C.A. Wijngaards
2c4be0c201 - Fix crash after reload where a stats lookup could reference old key 
cache and neg cache structures.
 2020-01-14 15:18:52 +01:00
W.C.A. Wijngaards
9b3f3101e3 - Removed the dnscrypt_queries and dnscrypt_queries_chacha tests, 
because dnscrypt-proxy (2.0.36) does not support the test setup
  any more, and also the config file format does not seem to have
  the appropriate keys to recreate that setup.
 2020-01-14 14:40:44 +01:00
W.C.A. Wijngaards
19473d95eb - Fix 'make test' to work for --disable-sha1 configure option. 2020-01-08 09:23:46 +01:00
Ralph Dolmans
ae4f6a259b Proccess more review feedback 2019-12-23 16:02:43 +01:00
Ralph Dolmans
2b5cd8e9b4 Merge remote-tracking branch 'ralph/feature/rpz' into rpz 2019-09-09 17:11:26 +02:00
Ralph Dolmans
ccb576f95e - add always_deny action, use this one for RPZ 
- use localzone's memory layout when removing rr from rrset
 2019-08-23 12:15:37 +02:00
Ralph Dolmans
965f16cc89 - Add RPZ AXFR test 
- Fix memory leak
 2019-08-13 17:06:43 +02:00
Ralph Dolmans
4cbf4f4996 - Add RPZ response IP override test 2019-08-12 18:44:30 +02:00
Ralph Dolmans
88fce791df - Add RPZ respip test 
- Fix rpz memory leak
 2019-08-12 16:06:15 +02:00
Ralph Dolmans
7180284d82 - Add RPZ/QNAME override test 2019-08-08 16:43:28 +02:00
Ralph Dolmans
401fc15443 - Extend RPZ/QNAME trigger test 
- Fix potential memory leak
 2019-08-08 16:07:16 +02:00
Ralph Dolmans
4eb7771f97 - Added RPZ/QNAME trigger test 2019-08-08 13:50:02 +02:00
W.C.A. Wijngaards
368386c011 - Fix #48: Unbound returns additional records on NODATA response, 
if minimal-responses is enabled, also the additional for negative
  responses is removed.
 2019-07-12 14:34:35 +02:00
Wouter Wijngaards
ce8167a3bb - Fix auth-zone NSEC3 response for wildcard nodata answers, 
include the closest encloser in the answer.


git-svn-id: file:///svn/unbound/trunk@5146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-03 06:36:40 +00:00
Wouter Wijngaards
59570b0413 - Fix auth-zone NSEC3 response for empty nonterminals with exact 
match nsec3 records.


git-svn-id: file:///svn/unbound/trunk@5142 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-02 12:21:41 +00:00
Wouter Wijngaards
16cc196bf2 - output forwarder log in ssl_req_order test. 
git-svn-id: file:///svn/unbound/trunk@5130 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-03-01 12:38:53 +00:00
Wouter Wijngaards
ddae2885bd Also fix this unit test for qname minimisation 
asked queries that have to be added to the provided answer list.


git-svn-id: file:///svn/unbound/trunk@5111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-02-11 09:56:57 +00:00
Wouter Wijngaards
19193fd534 - Fix recursion lame test for qname minimisation asked queries, 
that were not present in the set of prepared answers.


git-svn-id: file:///svn/unbound/trunk@5110 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-02-11 09:49:13 +00:00
Wouter Wijngaards
c2e3baa81a - Fix #4224: auth_xfr_notify.rpl test broken due to typo 
git-svn-id: file:///svn/unbound/trunk@5087 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-29 14:37:35 +00:00
Wouter Wijngaards
37361a1d10 - Fix unit test for python 3.7 new keyword 'async'. 
git-svn-id: file:///svn/unbound/trunk@5069 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-24 09:37:57 +00:00
Wouter Wijngaards
9d4ca81959 Fixup ssl unit test with example ticket files. 
git-svn-id: file:///svn/unbound/trunk@5065 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 10:50:26 +00:00
Wouter Wijngaards
510606dd1c - Patch for TLS session resumption from Manabu Sonoda, 
enable with tls-session-ticket-keys in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@5059 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 09:35:52 +00:00
Wouter Wijngaards
4481b9584c Fix test failure. 
git-svn-id: file:///svn/unbound/trunk@5049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-22 10:29:01 +00:00
Wouter Wijngaards
dec68aa9a9 - Doc for stream-wait-size and unit test. 
git-svn-id: file:///svn/unbound/trunk@5048 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-22 08:52:23 +00:00
Wouter Wijngaards
7c4911c577 No leaks found. 
git-svn-id: file:///svn/unbound/trunk@5044 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 13:45:13 +00:00
Wouter Wijngaards
068374740c - Unit tests for ssl out of order processing. 
git-svn-id: file:///svn/unbound/trunk@5042 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 13:26:21 +00:00
Wouter Wijngaards
f7d63b0927 - Unit test for tcp request reorder and timeouts. 
git-svn-id: file:///svn/unbound/trunk@5041 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 13:04:08 +00:00
Wouter Wijngaards
9087b18234 - Fix tcp idle timeout test, for difference in the tcp reply code. 
git-svn-id: file:///svn/unbound/trunk@5040 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 09:36:01 +00:00
Ralph Dolmans
f30fe71395 - Get ready for the DNS flag day: remove EDNS lame procedure, do not re-query 
without EDNS after timeout.


git-svn-id: file:///svn/unbound/trunk@5037 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-16 10:23:13 +00:00
Wouter Wijngaards
ae9fe1a10e - streamtcp option -a send queries consecutively and prints answers 
as they arrive.
- Fix for out of order processing administration quit cleanup.
- unit test for tcp out of order processing.


git-svn-id: file:///svn/unbound/trunk@5033 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-14 15:52:50 +00:00
Wouter Wijngaards
dd19026e91 - Initial commit for out-of-order processing for TCP and TLS. 
git-svn-id: file:///svn/unbound/trunk@5032 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-11 14:12:27 +00:00
Wouter Wijngaards
db2557826a - Fix NSEC3 record that is returned in wildcard replies from 
auth-zone zones with NSEC3 and wildcards.


git-svn-id: file:///svn/unbound/trunk@5030 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-08 14:39:31 +00:00
Wouter Wijngaards
b4e8ab4254 Fix test. 
git-svn-id: file:///svn/unbound/trunk@5008 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-12-03 14:54:29 +00:00
Wouter Wijngaards
c1c1cd97e7 - Remove clang analysis warnings. 
git-svn-id: file:///svn/unbound/trunk@4998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 14:39:26 +00:00
Wouter Wijngaards
e6da6c251c Fixup test. 
git-svn-id: file:///svn/unbound/trunk@4996 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 13:09:46 +00:00
Wouter Wijngaards
cccb5094a4 - Fix clang analysis for outside directory build test. 
git-svn-id: file:///svn/unbound/trunk@4990 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-28 13:34:31 +00:00
Wouter Wijngaards
0ff5c52657 - Fix #4208: 'stub-no-cache' and 'forward-no-cache' not work. 
git-svn-id: file:///svn/unbound/trunk@4981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-27 10:29:14 +00:00
Wouter Wijngaards
5853f90076 - With ./configure --with-pyunbound --with-pythonmodule 
PYTHON_VERSION=3.6 or with 2.7 unbound can compile and unit tests
  succeed for the python module.
- pythonmod logs the python error and traceback on failure.


git-svn-id: file:///svn/unbound/trunk@4966 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-22 13:01:29 +00:00
Wouter Wijngaards
f7e99131b9 - Scrub NS records from NXDOMAIN responses to stop fragmentation 
poisoning of the cache.


git-svn-id: file:///svn/unbound/trunk@4961 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-20 09:44:40 +00:00
Wouter Wijngaards
8e2a100460 - Fix #4132: Openness/closeness of RANGE intervals in rpl files. 
git-svn-id: file:///svn/unbound/trunk@4953 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-25 09:01:53 +00:00
Ralph Dolmans
140a165ab2 - Add markdel function to ECS slabhash. 
- Limit ECS scope returned to client to the scope used for caching.      
 - Make lint like previous #4154 fix. 


git-svn-id: file:///svn/unbound/trunk@4946 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-24 13:50:18 +00:00
Wouter Wijngaards
1c08a2ba55 - clang analyze test is used only when assertions are enabled. 
git-svn-id: file:///svn/unbound/trunk@4930 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-02 12:42:50 +00:00
Wouter Wijngaards
2e9d09b961 - initialize statistics totals for printout. 
- in authzone check that node exists before adding rrset.
	- in unbound-anchor, use readwrite memory BIO.
	- assertion in autotrust that packed rrset is formed correctly.


git-svn-id: file:///svn/unbound/trunk@4903 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 12:20:41 +00:00
Wouter Wijngaards
635df9c806 - unit test has clang analysis. 
git-svn-id: file:///svn/unbound/trunk@4901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 10:24:08 +00:00
Wouter Wijngaards
a09c4bbdc2 - Fix spelling errors. 
git-svn-id: file:///svn/unbound/trunk@4893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-11 13:28:21 +00:00
Wouter Wijngaards
5577e55400 - Disable minimal-responses in subnet unit tests. 
git-svn-id: file:///svn/unbound/trunk@4881 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-31 14:59:10 +00:00
Ralph Dolmans
ae2653fcc5 - Disable minimal-responses in ipsecmod unit tests. 
git-svn-id: file:///svn/unbound/trunk@4875 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-28 14:11:21 +00:00
Wouter Wijngaards
57a5e75840 Fixup test and lint hook. 
git-svn-id: file:///svn/unbound/trunk@4873 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-27 13:29:48 +00:00
Wouter Wijngaards
e0745813f4 - Set defaults to yes for a number of options to increase speed and 
resilience of the server.  The so-reuseport, harden-below-nxdomain,
  and minimal-responses options are enabled by default.  They used
  to be disabled by default, waiting to make sure they worked.  They
  are enabled by default now, and can be disabled explicitly by
  setting them to "no" in the unbound.conf config file.  The reuseport
  and minimal options increases speed of the server, and should be
  otherwise harmless.  The harden-below-nxdomain option works well
  together with the recently default enabled qname minimisation, this
  causes more fetches to use information from the cache.


git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-27 13:18:19 +00:00
Wouter Wijngaards
586b811b87 - Patch to implement tcp-connection-limit from Jim Hague (Sinodun). 
This limits the number of simultaneous TCP client connections
  from a nominated netblock.
And a simple test for TCP connection limit.


git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 11:57:42 +00:00
George Thessalonikefs
b2a7933045 Make sure that we don't randomly fail the pylib ratelimiting tests. 
git-svn-id: file:///svn/unbound/trunk@4829 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 15:57:48 +00:00
George Thessalonikefs
749d1b9ebc - Expose if a query (or a subquery) was ratelimited (not src IP 
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Tidy pylib tests.


git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 14:00:46 +00:00
Wouter Wijngaards
aa5efa172d idle timeout is in milliseconds, fix test config. 
git-svn-id: file:///svn/unbound/trunk@4818 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 10:30:42 +00:00
Wouter Wijngaards
45e73bcc8e Insert comments for documentation purposes. 
git-svn-id: file:///svn/unbound/trunk@4811 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:55:47 +00:00
Wouter Wijngaards
3dbdde7fed - Add edns-tcp-keepalive and edns-tcp-keepalive timeout options 
and implement option in client responses.


git-svn-id: file:///svn/unbound/trunk@4804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:18:34 +00:00
Wouter Wijngaards
6da37e5ecd - Error if EDNS Keepalive received over UDP. 
implement and add test.


git-svn-id: file:///svn/unbound/trunk@4803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:16:25 +00:00
Wouter Wijngaards
007123ee2c - Sort out test runs when the build directory isn't the project 
root directory.
- Add config tcp-idle-timeout (default 30s). This applies to
  client connections only; the timeout on TCP connections upstream
  is unaffected.


git-svn-id: file:///svn/unbound/trunk@4802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:15:12 +00:00
Wouter Wijngaards
beba72d6db adjust test, for timer too slow for old machines. 
git-svn-id: file:///svn/unbound/trunk@4712 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-05 08:09:00 +00:00
Ralph Dolmans
50b6dc4b81 - Qname minimisation default changed to yes. 
git-svn-id: file:///svn/unbound/trunk@4685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-17 10:33:19 +00:00
Wouter Wijngaards
82418e2bf7 Fixup test for new timeout value. 
git-svn-id: file:///svn/unbound/trunk@4671 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-02 06:52:46 +00:00
Wouter Wijngaards
913d4537f4 valgrind for unittest. 
git-svn-id: file:///svn/unbound/trunk@4668 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-01 12:20:37 +00:00
Wouter Wijngaards
4e2bafafef valgrind more unit tests. 
git-svn-id: file:///svn/unbound/trunk@4667 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-01 12:12:21 +00:00
Ralph Dolmans
755177fb4c Add root-key-sentinel test description 
git-svn-id: file:///svn/unbound/trunk@4654 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-24 09:13:57 +00:00
Ralph Dolmans
ee9c42bee5 Added root-key-sentinel test 
git-svn-id: file:///svn/unbound/trunk@4653 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-24 09:10:38 +00:00
Wouter Wijngaards
406a9d8350 unit test with TLS authentication 
git-svn-id: file:///svn/unbound/trunk@4649 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 14:18:24 +00:00
Wouter Wijngaards
e4c8085408 - unit test for allow-notify 
git-svn-id: file:///svn/unbound/trunk@4629 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-17 14:58:43 +00:00
Wouter Wijngaards
4809fe1b95 - auth zone notify work. 
git-svn-id: file:///svn/unbound/trunk@4626 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-16 15:10:30 +00:00
Wouter Wijngaards
9cd2f836bd Removed unused files (from an editor?). 
git-svn-id: file:///svn/unbound/trunk@4608 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-06 06:16:03 +00:00
Wouter Wijngaards
1f9caf5805 - ED448 support. 
git-svn-id: file:///svn/unbound/trunk@4607 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 14:44:17 +00:00
Wouter Wijngaards
3d1f9ae9d3 - Fix #4043: make test fails due to v6 presentation issue in macOS. 
git-svn-id: file:///svn/unbound/trunk@4599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-03 07:47:02 +00:00
Wouter Wijngaards
4a0d32ec53 deleted the chmod+x on this file, this means it removed the svn:executable property. 
git-svn-id: file:///svn/unbound/trunk@4594 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-21 15:02:25 +00:00
Ralph Dolmans
9f0d521b88 - Do use cached NSEC records to generate negative answers for domains under 
DNSSEC Negative Trust Anchors.


git-svn-id: file:///svn/unbound/trunk@4593 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-21 14:34:17 +00:00
Wouter Wijngaards
3a287a70cd Test and fix. 
git-svn-id: file:///svn/unbound/trunk@4583 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-13 13:14:56 +00:00
Wouter Wijngaards
1a7540c80a - Reverted fix for #3512, this may not be the best way forward; 
although it could be changed at a later time, to stay similar to
  other implementations.


git-svn-id: file:///svn/unbound/trunk@4560 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-06 08:22:33 +00:00